Ga naar inhoud

internet werkt niet


 Delen

Aanbevolen berichten

Goedeavond,

Sinds enige tijd kan ik niet meer op internet. Geen enkele pagina wordt meer geladen, ook met andere browsers niet. Ik kan wel op het internet in de veilige modus. Het programma HiJackThis heb ik gedownload en ik heb een scan gedaan. De uitslag van deze scan zet ik hieronder:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 21:53:16, on 29-5-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 21.0 (nl)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Barbie\Mijn documenten\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: hp psc 1000 series.lnk.disabled

O4 - Global Startup: hpoddt01.exe.lnk.disabled

O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe

O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe

--

End of file - 8088 bytes

Kunt u kijken wat er bij mijn computer fout is.

Met vriendelijke groet

D. Bank

Link naar reactie
Delen op andere sites


Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)

O4 - Global Startup: hp psc 1000 series.lnk.disabled

O4 - Global Startup: hpoddt01.exe.lnk.disabled

O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download 51a5bf3d99e8a-ComboFixlogo16.pngComboFix van één van de onderstaande locaties naar het bureaublad.

Bleeping Computer

Info Spyware

Schakel alle antivirus- en antispywareprogramma's uit, want deze kunnen namelijk conflicteren met ComboFix.

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

  • Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
  • Bij Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Actieve internet verbinding is hier een vereiste).
  • Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok"
  • Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
  • Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
  • Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm zie u de voortgang van de systeemscan die wordt uitgevoerd.
  • Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
  • Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
  • Wanneer ComboFix gereed is, zal het het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart da de computer

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

Hang dan het logje van Combofix en een nieuw logje van HijackThis in je volgende bericht.

Link naar reactie
Delen op andere sites


Goedeavond,

Sinds enige tijd kan ik niet meer op internet. Geen enkele pagina wordt meer geladen, ook met andere browsers niet. Ik kan wel op het internet in de veilige modus. Het programma HiJackThis heb ik gedownload en ik heb een scan gedaan. De uitslag van deze scan zet ik hieronder:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 12:55:23, on 30-5-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 21.0 (nl)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Outlook Express\msimn.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Barbie\Mijn documenten\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe

O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe

--

End of file - 7921 bytes

Dit is het 2e verslagje van hijackthis, gisteren heb ik de 1e gestuurd. Combofix is geinstalleerd op het bureaublad.Hieronder komt het verslag van combofix:

ComboFix 13-05-31.02 - Barbie 30-05-2013 12:35:18.2.2 - x86 NETWORK

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1015.617 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Barbie\Mijn documenten\Downloads\ComboFix.exe

AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-28 to 2013-05-30 ))))))))))))))))))))))))))))))

.

.

2013-05-29 21:38 . 2013-05-29 21:38 -------- d-----w- c:\program files\Koffix Blocker

2013-05-29 21:27 . 2013-05-29 21:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Licenses

2013-05-29 21:27 . 2013-05-29 21:32 -------- d-----w- c:\program files\SpywareBlaster

2013-05-29 21:17 . 2013-05-29 21:17 -------- d-----w- c:\program files\Common Files\McAfee

2013-05-29 21:16 . 2013-05-29 21:16 -------- d-----w- c:\program files\McAfee

2013-05-29 21:16 . 2013-05-29 21:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2013-05-28 19:42 . 2013-05-28 19:42 -------- d-----w- c:\documents and settings\Barbie\Local Settings\Application Data\Opera

2013-05-28 19:42 . 2013-05-28 19:42 -------- d-----w- c:\program files\Opera

2013-05-28 19:32 . 2013-05-28 19:32 -------- d-----w- c:\program files\WinRescue XP

2013-05-28 17:39 . 2013-05-28 17:39 -------- d-----w- c:\windows\system32\wbem\Repository

2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

2013-05-08 19:44 . 2013-05-15 12:31 -------- d-----w- c:\documents and settings\All Users\Application Data\YTD Video Downloader

2013-05-08 17:50 . 2013-05-08 17:51 -------- d-----w- c:\documents and settings\Barbie\Application Data\DVDVideoSoft

2013-04-30 19:02 . 2013-04-30 19:04 -------- d-----w- c:\windows\CD27142034CF47DC80B7C409B6CD0DD8.TMP

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-31 16:11 . 2013-02-04 20:26 9216 ----a-w- c:\windows\system32\Native.exe

2013-05-15 18:25 . 2012-11-01 19:51 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-15 18:25 . 2012-11-01 19:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-09 08:59 . 2013-03-02 13:26 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-05-09 08:59 . 2013-03-02 13:26 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-05-09 08:59 . 2011-02-05 11:16 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-05-09 08:59 . 2011-02-05 11:16 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-05-09 08:59 . 2011-02-05 11:16 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-05-09 08:59 . 2013-03-02 13:26 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-05-09 08:59 . 2012-02-24 19:16 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys

2013-05-09 08:59 . 2011-02-05 11:54 204784 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2013-05-09 08:59 . 2011-02-05 11:16 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2013-05-09 08:59 . 2011-02-05 11:54 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys

2013-05-09 08:59 . 2011-02-05 11:16 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-05-09 08:58 . 2011-02-05 11:53 41664 ----a-w- c:\windows\avastSS.scr

2013-05-09 08:58 . 2011-02-05 11:15 229648 ----a-w- c:\windows\system32\aswBoot.exe

2013-04-25 20:19 . 2013-04-25 20:19 110080 ----a-r- c:\documents and settings\Barbie\Application Data\Microsoft\Installer\{D8167CA8-236B-4334-B77D-F388F494EE18}\IconF7A21AF7.exe

2013-04-25 20:19 . 2013-04-25 20:19 110080 ----a-r- c:\documents and settings\Barbie\Application Data\Microsoft\Installer\{D8167CA8-236B-4334-B77D-F388F494EE18}\IconD7F16134.exe

2013-04-25 20:19 . 2013-04-25 20:19 110080 ----a-r- c:\documents and settings\Barbie\Application Data\Microsoft\Installer\{D8167CA8-236B-4334-B77D-F388F494EE18}\IconCF33A0CE.exe

2013-04-16 22:26 . 2004-08-03 23:03 920064 ----a-w- c:\windows\system32\wininet.dll

2013-04-16 22:26 . 2004-08-03 23:03 43520 ------w- c:\windows\system32\licmgr10.dll

2013-04-16 22:26 . 2004-08-03 23:03 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-04-12 23:30 . 2004-08-03 22:55 385024 ------w- c:\windows\system32\html.iec

2013-04-12 14:01 . 2004-08-03 22:56 1876480 ------w- c:\windows\system32\win32k.sys

2013-04-04 12:50 . 2013-03-02 15:37 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-04 03:35 . 2013-04-23 17:44 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2013-03-21 17:07 . 2012-10-21 20:15 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-03-21 17:07 . 2010-11-17 19:49 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-08 08:36 . 2004-08-03 23:03 293888 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 15:56 . 2004-08-03 22:58 2154496 ------w- c:\windows\system32\ntoskrnl.exe

2013-03-07 15:56 . 2004-08-04 00:58 2033152 ------w- c:\windows\system32\ntkrnlpa.exe

2013-03-05 17:18 . 2013-03-05 17:18 44424 ----a-w- c:\windows\system32\sbbd.exe

2013-03-05 17:18 . 2013-02-28 20:24 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2013-03-02 13:43 . 2013-03-02 13:43 0 ----a-w- c:\windows\system32\REN9.tmp

2013-03-02 13:43 . 2013-03-02 13:43 0 ----a-w- c:\windows\system32\REN8.tmp

2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll

2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2010-05-27 31072]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]

"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

ICIDU 11n USB Wireless LAN Utility.lnk - c:\program files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe [2012-9-22 1015808]

Wireless Configuration Utility.lnk - c:\program files\Thomson\TG122n\WlanCU.exe [2010-12-7 380928]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]

path=c:\documents and settings\Barbie\Menu Start\Programma's\Opstarten\LimeWire On Startup.lnk

backup=c:\windows\pss\LimeWire On Startup.lnkStartup

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" -s

"uTorrent"="e:\muziek en programma's\uTorrent\uTorrent.exe" /MINIMIZED

"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe

"AROReminder"=c:\program files\ARO 2013\ARO.exe -rem

"ccleaner"="c:\program files\CCleaner\ccleaner.exe" /AUTO

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"DivXMediaServer"=c:\program files\DivX\DivX Media Server\DivXMediaServer.exe

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\msiexec.exe"=

"c:\\Program Files\\DownloadManager\\jre\\bin\\javaw.exe"=

"f:\\Muziek en programma's\\VLC\\vlc.exe"=

"c:\\Program Files\\ICIDU\\ICIDU 11n USB Wireless LAN\\RtWLan.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"f:\\Muziek en programma's\\uTorrent\\uTorrent.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"50005:TCP"= 50005:TCP:utorrent 3.0

"50005:UDP"= 50005:UDP:utorrent 3.0

"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot

"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot

"53:UDP"= 53:UDP:Realtek AP UDP Prot

"2987:TCP"= 2987:TCP:Connectify File Sharing

"16765:TCP"= 16765:TCP:BitComet 16765 TCP

"16765:UDP"= 16765:UDP:BitComet 16765 UDP

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

.

R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [24-2-2012 21:16 21576]

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [5-2-2011 13:53 12112]

R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [5-2-2011 13:54 204784]

R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [28-2-2013 22:24 13560]

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [5-2-2011 13:54 104752]

S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2-3-2013 15:26 49376]

S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2-3-2013 15:26 174664]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5-2-2011 13:16 765736]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5-2-2011 13:16 368944]

S1 jdbkjbbn;jdbkjbbn;\??\c:\windows\system32\drivers\jdbkjbbn.sys --> c:\windows\system32\drivers\jdbkjbbn.sys [?]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5-2-2011 13:16 29816]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2-3-2013 15:26 66336]

S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [5-2-2011 13:53 137960]

S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 17:42 75624]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2-3-2013 17:38 418376]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2-3-2013 17:38 701512]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [29-5-2013 23:16 101552]

S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [14-1-2013 21:33 769920]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [29-5-2012 17:27 1528672]

S2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\system32\drivers\WLNdis50.sys [7-12-2010 19:27 20480]

S2 WLSVC;WLSVC;c:\program files\Thomson\TG122n\WLSVC.exe [7-12-2010 19:27 167936]

S3 cnnctfy2MP;cnnctfy2MP;c:\windows\system32\DRIVERS\cnnctfy2.sys --> c:\windows\system32\DRIVERS\cnnctfy2.sys [?]

S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [6-5-2011 15:57 13904]

S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [22-6-2012 11:01 19984]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2-3-2013 17:37 22856]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [7-12-2010 19:27 588032]

S3 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [23-1-2012 6:43 92592]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [3-5-2012 10:43 10064]

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-11 06:25 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-01 18:26]

.

2013-05-30 c:\windows\Tasks\avast! Emergency Update.job

- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-01 08:58]

.

2013-05-30 c:\windows\Tasks\dsmonitor.job

- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2013-04-07 12:47]

.

2011-01-27 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8287433359.job

- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

.

2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 20:59]

.

2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 20:59]

.

2013-05-30 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

.

2013-05-31 c:\windows\Tasks\Reimage ScanAgent.job

- c:\program files\Reimage\Reimage Repair\REI_ScanAgent.exe [2013-04-09 10:56]

.

2013-05-30 c:\windows\Tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.bing.com

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

TCP: DhcpNameServer = 213.46.228.196 62.179.104.196

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

FF - ProfilePath - c:\documents and settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2013-05-14 18:05; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF

FF - ExtSQL: 2013-05-17 18:56; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF - ExtSQL: 2013-05-28 20:57; newtabgoogle@graememcc.co.uk; c:\documents and settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\extensions\newtabgoogle@graememcc.co.uk.xpi

FF - ExtSQL: 2013-05-28 21:00; foxyproxy@eric.h.jung; c:\documents and settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\extensions\foxyproxy@eric.h.jung

FF - ExtSQL: 2013-05-28 21:02; googlebookmarks_incsearch@enjoyxstudy.com; c:\documents and settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\extensions\googlebookmarks_incsearch@enjoyxstudy.com.xpi

FF - ExtSQL: 2013-05-28 22:07; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-05-29 23:17; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files\McAfee\SiteAdvisor

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-05-30 12:41

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Voltooingstijd: 2013-05-30 12:43:54

ComboFix-quarantined-files.txt 2013-05-30 10:43

ComboFix2.txt 2013-05-30 10:01

.

Pre-Run: 15.558.746.112 bytes beschikbaar

Post-Run: 15.543.975.936 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut

.

- - End Of File - - 23B50DEE3BF90EE15F7F737B9F1D4C63

Ik heb vandaag geprobeerd in de normale modus internet pagina's te laden maar dat lukt nog steeds niet.

Kunt u alstublieft nog een keer kijken wat er fout is.

Mvg,

Didier Bank

Link naar reactie
Delen op andere sites


Download 51a612a8b27e2-Zoek.pngzoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik op de knop "Options" en vink nu de onderstaande opties aan.



    • Recently Created
    • Installed Programs
    • Firefox Look
    • Chrome Look
    • Firefox Defaults
    • Reset Chrome
    • Reset IE proxy
    • Shortcut Fix
    • IE Defaults
    • Auto Clean

    [*] Klik nu op de knop "Run script".

    [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

    [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

    [*] Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoals gevraagd stuur ik jullie hierbij het logje van zoek exe.

Zoek.exe Version 4.0.0.2 Updated 03-June-2013

Tool run by Barbie on do 06-06-2013 at 19:04:37,01.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Safe Mode NETWORK Internet Access Detected

==== Older Logs ======================

C:\zoek-results06-06-2013-1902.log 288 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.7) - Nederlands

Adobe Shockwave Player 12.0

ARO 2013

avast Internet Security

Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127-v2)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB972260)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2829530)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2847204)

Beveiligingsupdate voor Windows XP (KB923789)

Broadcom NetXtreme Ethernet Controller

CCleaner

Content Transfer

DivX Setup

Driver Whiz

DriverScanner

FileASSASSIN

Free YouTube Download version 3.2.0.128

Free YouTube to MP3 Converter version 3.11.34.1015

Google Chrome

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP-software voor foto- en beeldbewerking 2.0 - All-in-One

HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma

HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200

HP Memories Disc

hp psc 1200 series

ICIDU Wireless LAN Driver and Utility

Intel® Graphics Media Accelerator Driver

Java 7 Update 21

Java Auto Updater

Java 6 Update 22

JDownloader 0.9

jZip

Koffix Blocker

Leawo Video Editor

Malwarebytes Anti-Malware versie 1.75.0.1300

McAfee SiteAdvisor

MemTurbo 4

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office File Validation Add-In

Microsoft Office Professional Editie 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 21.0 (x86 nl)

Mozilla Maintenance Service

OGA Notifier 2.0.0048.0

Opera 12.15

RegCure Pro

Reimage Repair

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

Smart File Advisor 1.1.1

Spybot - Search & Destroy

SpyHunter

SpywareBlaster 5.0

swMSM

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Taalpakket voor Microsoft .NET Framework 4 Extended - NLD

Thomson TG122n USB Wireless Adapter

TomTom HOME 2.8.3.2499

TomTom HOME Visual Studio Merge Modules

TuneUp Utilities 2012

TuneUp Utilities Language Pack (nl-NL)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VC80CRTRedist - 8.0.50727.6195

VLC media player 2.0.6

WebFldrs XP

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

WinRescue XP

Xilisoft DVD Ripper Ultimate 6

Xvid 1.2.2 final uninstall

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\prefs.js:

Added to C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\prefs.js:

Added to C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.newtab.url", "http://www.google.com/firefox");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?ie=UTF-8&oe=utf-8&q=");

Added to C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\prefs.js:

user_pref("browser.startup.homepage", "www.google.com");

Added to C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0

user.js not found

---- Lines enabledAddons" removed from prefs.js ----

---- Lines enabledAddons" modified from prefs.js ----

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046

user.js not found

---- Lines enabledAddons" removed from prefs.js ----

---- Lines enabledAddons" modified from prefs.js ----

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions

user.js not found

---- Lines enabledAddons" removed from prefs.js ----

---- Lines enabledAddons" modified from prefs.js ----

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox

user.js not found

---- Lines enabledAddons" removed from prefs.js ----

---- Lines enabledAddons" modified from prefs.js ----

user_pref("extensions.enabledAddons", "%7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0,wrc%40avast.com:8.0.1489,%7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172,newtabgoogle%40graememcc.co.uk:1.0.2,foxyproxy%40eric.h.jung:4.1.4,googlebookmarks_incsearch%40enjoyxstudy.com:1.6.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0");

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_06-06-2013_1911_.backup

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968

user.js not found

---- Lines enabledAddons" removed from prefs.js ----

---- Lines enabledAddons" modified from prefs.js ----

user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0");

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_06-06-2013_1911_.backup

==== Deleting Files \ Folders ======================

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\wtxpcom@mybrowserbar.com" deleted

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\ytd@mybrowserbar.com" deleted

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\wtxpcom@mybrowserbar.com" deleted

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\ytd@mybrowserbar.com" deleted

"C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk" deleted

"C:\prefs.js" deleted

"C:\WINDOWS\System32\REN8.tmp" deleted

"C:\WINDOWS\System32\REN9.tmp" deleted

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi" deleted

"C:\Program Files\Common Files\DVDVideoSoft\bin" deleted

"C:\Program Files\GoforFiles" deleted

"C:\Documents and Settings\Barbie\Application Data\GoforFiles" deleted

"C:\Documents and Settings\Barbie\Application Data\Systweak" deleted

"C:\WINDOWS\System32\searchplugins" deleted

"C:\WINDOWS\System32\Extensions" deleted

"C:\Documents and Settings\All Users\Application Data\~Browser Manager" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-05-30 09:39:44 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe

2013-05-30 09:39:44 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe

2013-05-30 09:39:44 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe

2013-05-30 09:39:44 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe

2013-05-30 09:39:44 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe

====== C:\DOCUME~1\Barbie\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

2013-06-02 21:49:39 C293A65F984D78224C9D7991F4C55CE1 29024 ----a-w- C:\WINDOWS\System32\uxtuneup.dll

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

2013-06-03 11:53:37 19FDA79DD597EB5BF77FEFCD94C7E743 388 ----a-w- C:\WINDOWS\Tasks\RegCure Pro.job

2013-05-31 16:01:49 A38AFC4A5AF8244F14F2F3996AE42F3C 370 ----a-w- C:\WINDOWS\Tasks\Reimage ScanAgent.job

2013-05-27 17:45:06 D9932BC2762ECE85EB38D83EDFD41D42 424 ---ha-w- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-05-29 21:38:24 -------- d-----w- C:\Program Files\Koffix Blocker

2013-05-29 21:27:39 -------- d-----w- C:\Program Files\SpywareBlaster

2013-05-28 19:42:44 -------- d-----w- C:\Program Files\Opera

2013-05-28 19:32:50 -------- d-----w- C:\Program Files\WinRescue XP

======= C: =====

2013-06-03 13:55:17 D8BC46288EDD82D5D1EBC7EABD1F245D 3320 ----a-w- C:\AdwCleaner[R32].txt

2013-06-02 19:18:22 9A58EA22EF79CEA5F094F782BFF7871D 2913 ----a-w- C:\AdwCleaner[R31].txt

2013-06-02 18:40:35 9078D2DB5FFCC7C3C78AE5DEAE466B25 2865 ----a-w- C:\AdwCleaner[R30].txt

2013-06-02 18:36:51 0806FCF5F60228663C5E48658F028AE8 415 ----a-w- C:\AdwCleaner[s17].txt

2013-06-02 18:19:46 3AE99AA6E0F80A5D8975FC562866A405 2747 ----a-w- C:\AdwCleaner[R29].txt

2013-05-30 10:32:51 21541E270D6BBBC60CA6DB6F58CCC04B 212 ----a-w- C:\Boot.bak

2013-05-30 10:32:48 271E9B6A3AEC7BCA63D9231A4B3575C0 261936 --sha-r- C:\cmldr

2013-05-29 21:41:40 58FF4BF759AA1C97BF7FCD615AA20454 2686 ----a-w- C:\AdwCleaner[R28].txt

2013-05-29 17:01:28 2C2C075A46F0475EB03D5A487A0C8CF3 2790 ----a-w- C:\AdwCleaner[s16].txt

2013-05-29 16:55:33 3E602370243A65FDC78BDB941E69E498 2564 ----a-w- C:\AdwCleaner[R27].txt

2013-05-29 16:40:46 AF5C6EF1E1256213CCA7A51089730F9D 2485 ----a-w- C:\AdwCleaner[R26].txt

2013-05-28 19:32:54 BC2BA863D07CD8363BC064821784D105 47 ----a-w- C:\rsqXPdir.ini

2013-05-22 17:15:59 A8019490B38216F651D4B6CEB5D414F8 2867 ----a-w- C:\AdwCleaner[s15].txt

2013-05-22 17:14:35 10D513384A8541A47AFE8ED01FA44C68 2621 ----a-w- C:\AdwCleaner[R23].txt

2013-05-21 19:11:45 63A129A2EA99B12E583E7B16B5A433E5 2550 ----a-w- C:\AdwCleaner[R22].txt

2013-05-13 19:53:47 8112C7B09E49C43EB2AFD500E08CDEC5 1784 ----a-w- C:\AdwCleaner[R21].txt

2013-05-08 12:30:09 A30747F9B1E60735FD1F746E381044E8 4471 ----a-w- C:\AdwCleaner[s14].txt

2013-05-08 12:29:01 584AF94089543B0E46AD192109E47F2C 4527 ----a-w- C:\AdwCleaner[R20].txt

2013-05-08 12:02:51 C04BD7A5296EF7336C11B519123597AD 4466 ----a-w- C:\AdwCleaner[R19].txt

2013-05-08 12:01:42 B0A76643DAE77BB7099D728524ACED68 4405 ----a-w- C:\AdwCleaner[R18].txt

====== C:\Documents and Settings\Barbie\Application Data ======

2013-05-30 13:42:28 -------- d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP

2013-05-29 21:27:51 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Licenses

2013-05-29 21:27:41 -------- d-----w- C:\Documents and Settings\All Users\Menu Start\Programma's\SpywareBlaster

2013-05-28 19:42:52 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\Opera

2013-05-28 19:42:52 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\Opera

2013-05-08 19:44:45 -------- d-----w- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader

2013-05-08 19:44:36 -------- d-----w- C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader

2013-05-08 17:50:57 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\DVDVideoSoft

====== C:\Documents and Settings\Barbie ======

2013-06-06 16:46:21 -------- d--h--r- C:\Documents and Settings\Barbie\Onlangs geopend

2013-05-30 14:27:46 -------- d-sh--w- C:\Documents and Settings\LocalService\Cookies

2013-05-30 14:27:16 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies

====== C: exe-files ==

2013-06-03 20:30:39 3B16B1BBFA9411532C73F62FC219EBC3 916928 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\Downloads\RegHunter_Web_Setup.exe.exe

2013-06-03 14:26:47 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2829530-IE8\spuninst\spuninst.exe

2013-06-03 14:26:43 670709F5BC284AABF4E1B603FA1B3095 173056 -c----w- C:\WINDOWS\ie8updates\KB2829530-IE8\ie4uinit.exe

2013-06-03 11:56:20 63C3C419200755087C7496933C298F8F 5162600 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Repair-tool(3).exe

2013-06-02 22:17:12 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2847204-IE8\spuninst\spuninst.exe

2013-06-02 20:45:12 46306F5693C221F6F383649D7FC74026 765304 -c----w- C:\WINDOWS\ie8updates\KB2510531-IE8\update.exe

2013-06-02 20:45:12 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe

2013-06-02 20:45:12 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst.exe

2013-06-02 18:46:26 832D56961FAFF9D2328995FAD430874D 101832 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\SASUNINST.EXE

2013-06-02 18:31:41 0A90C8A3F94564E7EAF541981EAFA52A 632031 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\adwcleaner.exe

2013-06-01 20:06:24 79B68AA7ECABBAAE5BAD85F24740CC72 235040 -c----w- C:\WINDOWS\ie8\spuninst\spuninst.exe

2013-06-01 20:04:42 A251B726EED494F2FD9E5C6B1205BDB0 206336 -c----w- C:\WINDOWS\ie8\winfxdocobj.exe

2013-06-01 20:04:41 2152542C06731D48EF55E8697D3490C3 12288 -c----w- C:\WINDOWS\ie8\msfeedssync.exe

2013-06-01 20:04:34 2667B412F7453B8C39197D3C550536CD 45568 -c----w- C:\WINDOWS\ie8\mshta.exe

2013-06-01 20:04:33 3CFC56F73D494FC1AA2B6E981DF15ACD 634632 -c----w- C:\WINDOWS\ie8\iexplore.exe

2013-06-01 20:04:32 B52F86FA5ADBA222DA7CFCB196D4D0FE 70656 -c----w- C:\WINDOWS\ie8\ie4uinit.exe

2013-06-01 20:04:28 39FB27710A0FFE67B3BFD9B0F6C96C52 216800 -c----w- C:\WINDOWS\ie8\spuninst.exe

2013-06-01 19:49:59 08EEB38F01A901E37E9BA047BB08800D 16976752 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\IE8-WindowsXP-x86-NLD.exe

2013-05-31 16:11:22 F301316058FCC7E9EFFD264A4D947FA2 5168520 ----a-w- C:\ReimageUndo\REI_UndoUtility.exe

=== C: other files ==

2013-06-03 19:59:30 8549F58539EE039583FC22B541A4C593 10357101 ----a-w- C:\rei\Results\EXE1.6.3.8\RUN20130603_2101\After\RegDump.zip

2013-06-03 19:46:01 DC3CA07958B7C6E116BBBA3174E12EB5 10356150 ----a-w- C:\rei\Results\EXE1.6.3.8\RUN20130603_2101\Before\RegDump.zip

2013-05-31 16:10:57 461396A7C04A45BB78BC2F762952C756 9809522 ----a-w- C:\rei\Results\EXE1.6.3.8\RUN20130531_1802\Before\RegDump.zip

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046

- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox

- Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

- avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

- DivX Plus Web Player HTML5 lt;videogt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung

- Google Bookmarks IncSearch - %ProfilePath%\extensions\googlebookmarks_incsearch@enjoyxstudy.com.xpi

- Add Google Search To New Tab Page - %ProfilePath%\extensions\newtabgoogle@graememcc.co.uk.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox

3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update

7ABE33792F2787D599B6963E71B9E8CD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash

F833DD5D8F959819F44BC98F47B1B6BB - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

65D09D8BC91D74C8800725EB33D1EE1B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21

66640A55AEFF3819C94E0A8D40D7E0AD - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

0DB58BCC1E3A4EC251CF0F15DE6F5732 - C:\Program Files\McAfee\SiteAdvisor\NPMcFFPlg32.dll - McAfee SiteAdvisor

A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968

3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update

7ABE33792F2787D599B6963E71B9E8CD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash

F833DD5D8F959819F44BC98F47B1B6BB - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

65D09D8BC91D74C8800725EB33D1EE1B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21

66640A55AEFF3819C94E0A8D40D7E0AD - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bcjagnifjocnddgeknajocbkkhlgibem - C:\Program Files\Chrome\surfcanyon.crx[19-06-2012 17:11]

cjofdnhdkbflacojpfpkchgafjahijbb - C:\DOCUME~1\Barbie\LOCALS~1\Temp\crx254.tmp[]

dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files\OnlineHD.TV\onhd11.crx[]

eoccbpoodnckjdnackiffhjfkogfhnhh - C:\Program Files\VDownloader\Addons\Chrome.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[22-03-2013 11:02]

jcpbbbapaiahneeinklkepfjemkkhhhj - C:\Documents and Settings\All Users\Application Data\Bcool\jcpbbbapaiahneeinklkepfjemkkhhhj.crx[]

kiplfnciaokpcennlkldkdaeaaomamof - C:\Documents and Settings\Barbie\Local Settings\Application Data\Torch\Plugins\TorchPlugin.crx[]

lfffjahnfbocnaooecgijfnbpcfekoik - C:\Documents and Settings\All Users\Application Data\adawaretb\shortcuts\chrome\adawaretb.crx[]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[06-05-2013 10:12]

YouTube - Barbie - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Barbie - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast WebRep - Barbie - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

DivX Plus Web Player HTML5 \u003Cvideo\u003E - Barbie - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm

Gmail - Barbie - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jcpbbbapaiahneeinklkepfjemkkhhhj_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar adwcleaner.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\adwcleaner.exe

C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar aswMBR.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\aswMBR.exe

C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar ComboFix.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ComboFix.exe

C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar HijackThis.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\HijackThis.exe

C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar zoek.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe

C:\Documents and Settings\Barbie\Bureaublad\Systeemherstel.lnk - C:\WINDOWS\system32\restore\rstrui.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\Barbie\Menu Start\Programma's\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\jZip.lnk - C:\Program Files\jZip\jZip.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\koffix.lnk - C:\Program Files\Koffix Blocker\koffix.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Uninstall.lnk - C:\Program Files\Koffix Blocker\Uninstall.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\SpyHunter\SpyHunter Emergency Startup.lnk - C:\WINDOWS\explorer.exe "C:\Program Files\Enigma Software Group\SpyHunter\SH4.com"

C:\Documents and Settings\Barbie\Menu Start\Programma's\SpyHunter\SpyHunter.lnk - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

C:\Documents and Settings\Barbie\Menu Start\Programma's\SpyHunter\Uninstall SpyHunter.lnk - C:\WINDOWS\system32\msiexec.exe /X {D8167CA8-236B-4334-B77D-F388F494EE18}

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Menu Start\Programma's\Adobe Reader X .lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico

C:\Documents and Settings\All Users\Menu Start\Programma's\Opera.lnk - C:\Program Files\Opera\opera.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\AnvSoft\Any Video Converter 5 Beta\Any Video Converter 5 Beta.lnk - F:\Muziek en programma's\Any Video Converter 5 Beta\AVCFree.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\ARO 2013\ARO 2013.lnk - C:\Program Files\ARO 2013\ARO.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\avast Internet Security.lnk -

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Paint.lnk - C:\WINDOWS\system32\mspaint.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Programmatoegang en -instellingen.lnk - C:\WINDOWS\system32\control.exe appwiz.cpl,,3

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Rekenmachine.lnk - C:\WINDOWS\system32\calc.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Verbinding met extern bureaublad.lnk - C:\WINDOWS\system32\mstsc.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Windows Update.lnk - C:\WINDOWS\system32\wupdmgr.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Netwerkverbindingen.lnk - C:\WINDOWS\explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{7007acc7-3202-11d1-aad2-00805fc1270e}

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Draadloos netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe shell32.dll,Control_RunDLL NetSetup.cpl,@0,WNSW

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe hnetwiz.dll,HomeNetWizardRunDll

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Nieuwe verbinding.lnk - C:\WINDOWS\system32\rundll32.exe netshell.dll,StartNCW

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Entertainment\Geluidsrecorder.lnk - C:\WINDOWS\system32\sndrec32.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Entertainment\Volumeregeling.lnk - C:\WINDOWS\system32\sndvol32.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Back-up.lnk - C:\WINDOWS\system32\ntbackup.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Beveiligingscentrum.lnk - C:\WINDOWS\system32\wscui.cpl

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Geplande taken.lnk - C:\WINDOWS\explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{D6277990-4C6A-11CF-8D87-00AA0060F5BF}

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Schijfdefragmentatie.lnk - C:\WINDOWS\system32\dfrg.msc

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Schijfopruiming.lnk - C:\WINDOWS\system32\cleanmgr.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Speciale tekens.lnk - C:\WINDOWS\system32\charmap.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Systeemherstel.lnk - C:\WINDOWS\system32\restore\rstrui.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Wizard Bestanden en instellingen overzetten.lnk - C:\WINDOWS\system32\usmt\migwiz.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Wizard Toegankelijkheid.lnk - C:\WINDOWS\system32\accwiz.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\DivX Plus\DivX Plus Converter.lnk - C:\Program Files\DivX\DivX Plus Converter\DivXConverterLauncher.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\DivX Plus\DivX Plus Player.lnk - C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\DivX Plus\DivX Support.lnk -

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Backgammon op het Internet.lnk - C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Dammen op het Internet.lnk - C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\FreeCell.lnk - C:\WINDOWS\system32\freecell.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Hartenjagen op het Internet.lnk - C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Hartenjagen.lnk - C:\WINDOWS\system32\mshearts.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Mijnenveger.lnk - C:\WINDOWS\system32\winmine.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Patience.lnk - C:\WINDOWS\system32\sol.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Reversi op het Internet.lnk - C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Spades op het Internet.lnk - C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Spider Solitaire.lnk - C:\WINDOWS\system32\spider.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Reimage Repair\Reimage Repair.lnk - C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Reimage Repair\Run in safe mode.lnk - C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Reimage Repair\Uninstall.lnk - C:\Program Files\Reimage\Reimage Repair\uninst.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Reimage Repair\Website.lnk - C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url

C:\Documents and Settings\All Users\Menu Start\Programma's\SpywareBlaster\SpywareBlaster Help.lnk - C:\Program Files\SpywareBlaster\sbhelp.chm

C:\Documents and Settings\All Users\Menu Start\Programma's\SpywareBlaster\SpywareBlaster.lnk - C:\Program Files\SpywareBlaster\spywareblaster.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Computerbeheer.lnk - C:\WINDOWS\system32\compmgmt.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Gegevensbronnen (ODBC).lnk - C:\WINDOWS\system32\odbcad32.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Logboeken.lnk - C:\WINDOWS\system32\eventvwr.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Lokaal beveiligingsbeleid.lnk - C:\WINDOWS\system32\secpol.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Prestaties.lnk - C:\WINDOWS\system32\perfmon.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Services.lnk - C:\WINDOWS\system32\services.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\Release Notes.lnk - F:\Muziek en programma's\VLC\NEWS.txt

==== shortcuts in Quick Launch ======================

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk - C:\Program Files\ARO 2013\ARO.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk - C:\Program Files\Uniblue\DriverScanner\driverscanner.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk - C:\Program Files\jZip\jZip.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\MemTurbo - PC Optimizer.lnk - C:\Program Files\MemTurbo 4\MemTurbo.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk - C:\Program Files\Opera\opera.exe

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk - C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe /advancedmode

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eoccbpoodnckjdnackiffhjfkogfhnhh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcpbbbapaiahneeinklkepfjemkkhhhj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\fn2bqsrr.mozilla firefox\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Barbie\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on do 06-06-2013 at 21:19:37,42 ======================

Met vriendelijke groet,

D. Bank

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen

×
×
  • Nieuwe aanmaken...