Posts made by johnnykaty
-
The log should be in the attachment.
-
Unfortunately, no luck.
I ran both and then tried again to run the update, but it did not work.
I still get
code 80073712
code 800B0100 as error messages.
KB957310 even created a log, and I cannot even open that (I am not authorized to open it).
-
Hello,
I would also like to go from Windows 7 to Windows 10, but when I try to run the update I keep getting 2 error messages.
Code 80073712
Code 800B0100
Do you know how I can solve this?
Thanks in advance.
Kind regards,
Johnny
-
Here is the attachment that was requested.
-
Dear all,
I would like to make use of your expert help once again.
My laptop suffers enormously from pop-ups, seems to have become much slower, and regularly closes web pages on its own.
I would like to give the laptop a thorough clean-up. Could you please help me with this?
-
OK, I have done all of this and can now only thank you for the help provided, thanks.
-
I checked my website and it all appears to be gone.
Thanks.
-
Here follows the AdwCleaner log file.
-
Here is the requested log.
==== Firefox Plugins ======================
Profilepath: C:\DOCUME~1\johnny\APPLIC~1\Mozilla\Firefox\Profiles\0t1a57fy.default
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
6B26A1F48CB569E5CAB324B68E44A469 - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\npsitesafety.dll - AVG SiteSafety plugin
148727EBD947CBC168C42A227D56DAB0 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
9B4D431459A9B935FB117F4EDDA236E8 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
F045DF7AF127DC4BCC53421850114E15 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In
270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
66640A55AEFF3819C94E0A8D40D7E0AD - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director
1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery
7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
7D28153B7D586330678AD522B71D89CB - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight
3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®
Profilepath: C:\DOCUME~1\johnny\APPLIC~1\Mozilla\Firefox\Profiles\5dkd64lc.firefox
3F9F8E0F93D6FA7B7552077A3DF171DE - K:\downloads\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
Profilepath: C:\DOCUME~1\johnny\APPLIC~1\Mozilla\Firefox\Profiles\fsirrm82.default
3F9F8E0F93D6FA7B7552077A3DF171DE - K:\downloads\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ggkfikfcbnpfoicfjammigpnakpogebh - \K:\downloads\FVD Suite\addons\chrome\fvdext.crx\[]
hphibigbodkkohoglgfkddblldpfohjl - C:\Program Files\TorrentHandler\TorrentHandler.crx[]
kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files\DefaultTab\DefaultTab.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Default_Search_URL"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
"Search Bar"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
"Search Page"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Default_Search_URL"="http://www.google.com/"
"Search Bar"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
"Search Page"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1"
"Default_Search_URL"="http://www.google.com/"
"Search Bar"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
"Search Page"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1214440339-162531612-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Empty IE Cache ======================
C:\\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\\Documents and Settings\johnny\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\johnny\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\\Documents and Settings\johnny\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Program Files\AVG Nation toolbar" not found
"C:\PROGRA~1\AVG Nation toolbar" not found
==== EOF on wo 09/10/2013 at 17:13:35,96 ======================
-
I have a small problem. When I open my website, some pages show advertisements that I never asked for.
Can any of you help me get rid of this, please?
Below is the log file from RSIT.
Logfile of random's system information tool 1.09 (written by random/random)
Run by johnny at 2013-10-08 22:37:06
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 462 GB (97%) free of 477 GB
Total RAM: 3053 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:37:11, on 8/10/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\AVG Nation toolbar\vprot.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\johnny\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgfws.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
K:\downloads\Registry Repair Wizard\RCHelper.exe
C:\Documents and Settings\johnny\Mijn documenten\Downloads\RSIT.exe
C:\Program Files\trend micro\johnny.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search-Gol
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Nation toolbar\vprot.exe"
O4 - HKCU\..\Run: [D98A654CBC3DD4B1587618D1760AD0F8DBCB39FC._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\johnny\Application Data\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - K:\downloads\poker\PokerStarsUpdate.exe (HKCU)
O15 - Trusted IP range: http://192.168.1.1
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356552191484
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
--
End of file - 8867 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F9C4DAAE-187A-43C9-AC20-60F6213B6A8A}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\johnny\Application Data\Mozilla\Firefox\Profiles\0t1a57fy.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Nation toolbar\FireFoxExt\17.0.1.12
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
C:\Documents and Settings\johnny\Application Data\Mozilla\Firefox\Profiles\0t1a57fy.default\searchplugins\
conduit-search.xml
nation-secure-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-10-16 322864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-22 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-22 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-16 505136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-09-07 19573352]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-05-31 152392]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-09-15 4851760]
"vProt"=C:\Program Files\AVG Nation toolbar\vprot.exe [2013-10-07 2403144]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"D98A654CBC3DD4B1587618D1760AD0F8DBCB39FC._service_run"=C:\Program Files\Google\Chrome\Application\chrome.exe [2013-10-03 844752]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beidsccertprop]
C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe [2012-02-21 31768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Repair Wizard Scheduler]
K:\downloads\Registry Repair Wizard\RCHelper.exe [2012-03-06 1540480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-10-16 214360]
C:\Documents and Settings\johnny\Menu Start\Programma's\Opstarten
Dropbox.lnk - C:\Documents and Settings\johnny\Application Data\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\devolo\informer\devinf.exe"="C:\Program Files\devolo\informer\devinf.exe:*:Enabled:devolo Informer"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"K:\downloads\JDownloader\jre\bin\javaw.exe"="K:\downloads\JDownloader\jre\bin\javaw.exe:*:Enabled:Java Platform SE binary"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java Platform SE binary"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Documents and Settings\johnny\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\johnny\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\johnny\Application Data\BitTorrent\BitTorrent.exe"="C:\Documents and Settings\johnny\Application Data\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installer voor AVG"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Persoonlijke e-mailscanner"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\Simple Port Forwarding\spf.exe"="C:\Program Files\Simple Port Forwarding\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.xvid"=xvidvfw.dll
"vidc.lags"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll
======List of files/folders created in the last 1 month======
2013-10-08 22:32:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2013-10-08 22:21:41 ----D---- C:\rsit
2013-10-08 21:31:34 ----SHD---- C:\RECYCLER
2013-10-08 21:29:20 ----A---- C:\ComboFix.txt
2013-10-08 21:18:39 ----A---- C:\WINDOWS\zip.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\SWSC.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\SWREG.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\sed.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\PEV.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\MBR.exe
2013-10-08 21:18:39 ----A---- C:\WINDOWS\grep.exe
2013-10-08 21:17:50 ----D---- C:\Qoobox
2013-10-08 21:04:42 ----D---- C:\Documents and Settings\johnny\Application Data\Systweak
2013-10-08 20:41:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-10-08 20:41:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-08 20:41:40 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-10-08 20:22:31 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2013-10-08 19:43:12 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-10-06 20:52:19 ----D---- C:\Documents and Settings\johnny\Application Data\mojosoft
2013-10-06 20:18:09 ----D---- C:\Documents and Settings\johnny\Application Data\AVG2014
2013-10-06 20:17:25 ----D---- C:\Documents and Settings\johnny\Application Data\TuneUp Software
2013-10-06 20:17:17 ----D---- C:\Documents and Settings\johnny\Application Data\AVG Nation toolbar
2013-10-06 20:17:13 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2013-10-06 20:17:09 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-10-06 20:17:09 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Nation toolbar
2013-10-06 20:17:08 ----D---- C:\Program Files\AVG Nation toolbar
2013-10-06 20:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2014
2013-10-06 20:16:09 ----D---- C:\$AVG
2013-10-06 20:15:53 ----D---- C:\Program Files\AVG
2013-10-06 20:12:00 ----D---- C:\Documents and Settings\All Users\Application Data\Registry Helper
2013-10-06 20:09:19 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2013-10-06 20:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData
2013-09-26 17:44:19 ----D---- C:\Documents and Settings\johnny\Application Data\OmegaT
2013-09-18 21:11:42 ----D---- C:\Program Files\Mozilla Firefox
2013-09-16 17:07:51 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-09-16 17:03:24 ----A---- C:\WINDOWS\nsreg.dat
2013-09-16 17:03:23 ----D---- C:\Documents and Settings\johnny\Application Data\DefaultTab
2013-09-13 00:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 00:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 00:34:47 ----A---- C:\WINDOWS\imsins.BAK
2013-09-13 00:34:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-09-10 22:11:44 ----A---- C:\WINDOWS\system32\drivers\avgidsshimx.sys
======List of files/folders modified in the last 1 month======
2013-10-08 22:37:09 ----D---- C:\WINDOWS\Temp
2013-10-08 22:37:09 ----D---- C:\Program Files\Trend Micro
2013-10-08 22:30:41 ----RD---- C:\Program Files
2013-10-08 22:26:49 ----D---- C:\Documents and Settings\johnny\Application Data\HPAppData
2013-10-08 22:22:05 ----SHD---- C:\WINDOWS\Installer
2013-10-08 22:17:26 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-08 21:54:10 ----D---- C:\WINDOWS\system32
2013-10-08 21:37:02 ----D---- C:\Documents and Settings\johnny\Application Data\Dropbox
2013-10-08 21:31:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-08 21:29:38 ----D---- C:\WINDOWS
2013-10-08 21:29:28 ----D---- C:\WINDOWS\system32\drivers
2013-10-08 21:28:46 ----SD---- C:\WINDOWS\Tasks
2013-10-08 21:26:03 ----A---- C:\WINDOWS\system.ini
2013-10-08 21:25:51 ----SHD---- C:\System Volume Information
2013-10-08 21:25:51 ----D---- C:\WINDOWS\system32\Restore
2013-10-08 21:25:39 ----D---- C:\WINDOWS\system32\drivers\etc
2013-10-08 21:23:45 ----D---- C:\WINDOWS\system32\config
2013-10-08 21:23:35 ----D---- C:\WINDOWS\erdnt
2013-10-08 21:21:18 ----D---- C:\WINDOWS\AppPatch
2013-10-08 21:21:17 ----D---- C:\Program Files\Common Files
2013-10-08 21:17:55 ----D---- C:\WINDOWS\Prefetch
2013-10-08 21:09:15 ----D---- C:\Documents and Settings\johnny\Application Data\BitTorrent
2013-10-08 19:43:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-06 20:49:26 ----D---- C:\Documents and Settings\johnny\Application Data\vlc
2013-10-06 20:18:01 ----D---- C:\Config.Msi
2013-10-06 20:16:40 ----HD---- C:\WINDOWS\inf
2013-10-06 20:11:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-10-06 20:01:44 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2013-09-26 17:59:11 ----D---- C:\Documents and Settings\johnny\Application Data\PhotoScape
2013-09-26 00:56:29 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2013-09-16 17:04:52 ----D---- C:\Documents and Settings\johnny\Application Data\Mozilla
2013-09-15 23:20:32 ----D---- C:\Program Files\Garmin
2013-09-15 23:20:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-09-15 22:30:01 ----D---- C:\Program Files\BitTorrent
2013-09-15 16:33:31 ----D---- C:\Documents and Settings\johnny\Application Data\Vso
2013-09-13 00:36:03 ----D---- C:\Program Files\Internet Explorer
2013-09-13 00:33:58 ----A---- C:\WINDOWS\win.ini
2013-09-13 00:33:06 ----D---- C:\WINDOWS\system32\MRT
2013-09-13 00:31:41 ----D---- C:\WINDOWS\Debug
2013-09-13 00:31:36 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2013-08-01 120120]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2010-04-28 54760]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2012-09-15 15781]
R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\WINDOWS\system32\drivers\npf_devolo.sys [2009-07-13 35840]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2010-03-26 243928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-09 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-09 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-09 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-09-07 6141544]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2012-09-20 33536]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2013-04-03 32064]
S3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 BthEnum;Stuurprogramma voor Bluetooth-aanvraagblok; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth-apparaat (PAN - Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Poortstuurprogramma voor Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272640]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio's; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 cpuz134;cpuz134; \??\C:\DOCUME~1\johnny\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys []
S3 cpuz135;cpuz135; \??\K:\pc spellen\Nieuwe map\PC Wizard 2012\pcwiz_x32.sys []
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2013-02-12 47360]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2013-04-03 136904]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2013-04-03 17864]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2013-04-03 153672]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2014\avgfws.exe [2013-09-22 1358944]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-09-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-22 301152]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-22 182184]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-06 1733448]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-04 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-04 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-18 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-16 755880]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Thanks in advance,
johnny
-
I will certainly do that.
-
Yes, me too; thanks anyway for thinking along with me.
-
I just tried this, but it immediately tells me that I have to insert a disc.
To be clear, the disc was in the drive.
-
It is a desktop, and I fear that taking it in will be my only option.
-
It won't start this CD either, and keeps ejecting it as well.
-
I'm going to try the lens cleaner, if I still have it lying around here somewhere.
-
I tried it in safe mode and then it says:
Insert a disc or other suitable medium in CD drive E.
I have already inserted a few different CDs and DVDs, but nothing works!
-
That doesn't change anything about the problem; it just keeps doing the same thing.
-
The shortcut being used is for starting a game (Sims); my daughters like to play it. But it does this with everything we want to watch via DVD.
-
I did what you asked, but unfortunately it did not work. It has been reinstalled, but the problem remains the same. The tray keeps opening when I try to start the DVD via My Computer, and when I try to start it via the shortcut on the desktop it indicates that I have to insert a DVD (disc).
-
Hello,
I have the following problem. When I put a DVD in my computer and then try to start it, it always ejects the DVD (the tray then always opens). What could the problem be, and what can I do to solve it?
Thanks in advance,
johnny
-
Unfortunately, I don't see anything from Conduit listed there.
- - - Updated - - -
Is removing Firefox and reinstalling it an option?
Update error
in Archief Windows 10
Posted:
I have been doing it this way for several days now, and every time I see what is shown in the screenshot below.