Hallo,
Een paar dagen heb ik dit probleem als ik op het rode kruisje klik,sluit de pagina erg traag van boven naar beneden.
Ook loopt de pc vaak vast,ik heb avast verwijderd en een andere anti virus programa er op gedaan.
Ik heb avanced systeem care dat is een goed programa ,maar nog heb ik deze problemen.
Wat kan ik er zelf aan doen zodat mijn pc weer normaal loopt?
Hallo,
Voer het stappenplan uit en plaats dan de 3 verkregen logjes zodat we je verder kunnen helpen.
Link: http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-(vernieuwd-per-25-02-2013)-voordat-je-de-logjes-plaatst!!#msg-4625317
avanced systeem care haalt wel eens meer weg dan je lief is, is niet onze keus.
Gr.Ben
Hallo Ben ,dank je wel voor je raad ,hier de logs
Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.07.01.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: FAMILIE
Bescherming: Ingeschakeld
1-7-2013 10:31:34
MBAM-log-2013-07-01 (10-47-13).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 205097
Verstreken tijd: 11 minuut/minuten, 17 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Geen actie ondernomen.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Geen actie ondernomen.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
# AdwCleaner v2.303 - Verslag gemaakt op 01/07/2013 om 10:23:27
# Geactualiseerd op 08/06/2013 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : Admin - FAMILIE
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\RVY2SCU8\adwcleaner.exe
# Optie
***** *****
***** *****
File Aanwezig : C:\user.js
Map Aanwezig : C:\Documents and Settings\Admin\Application Data\Babylon
Map Aanwezig : C:\Documents and Settings\Admin\Application Data\DriverCure
Map Aanwezig : C:\Documents and Settings\Admin\Application Data\eType
Map Aanwezig : C:\Documents and Settings\Admin\Application Data\PerformerSoft
Map Aanwezig : C:\Documents and Settings\Admin\Local Settings\Application Data\Conduit
Map Aanwezig : C:\Documents and Settings\Admin\Local Settings\Application Data\PackageAware
Map Aanwezig : C:\Documents and Settings\All Users\Application Data\Babylon
Map Aanwezig : C:\Documents and Settings\All Users\Application Data\DriverCure
Map Aanwezig : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Map Aanwezig : C:\Program Files\Common Files\spigot
***** *****
Sleutel Aanwezig : HKCU\Software\1ClickDownload
Sleutel Aanwezig : HKCU\Software\5dedfdab03de448
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Search Settings
Sleutel Aanwezig : HKCU\Software\AutoLyrics
Sleutel Aanwezig : HKCU\Software\Conduit
Sleutel Aanwezig : HKCU\Software\ConduitSearchScopes
Sleutel Aanwezig : HKCU\Software\DataMngr
Sleutel Aanwezig : HKCU\Software\DataMngr_Toolbar
Sleutel Aanwezig : HKCU\Software\DSNR Labs
Sleutel Aanwezig : HKCU\Software\IM
Sleutel Aanwezig : HKCU\Software\ImInstaller
Sleutel Aanwezig : HKCU\Software\InstallCore
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F001652-AF51-45C6-B029-86E0265A1851}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F001652-AF51-45C6-B029-86E0265A1851}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Aanwezig : HKCU\Software\PriceGong
Sleutel Aanwezig : HKCU\Software\SmartBar
Sleutel Aanwezig : HKCU\Software\Softonic
Sleutel Aanwezig : HKCU\Software\Vuze_Remote
Sleutel Aanwezig : HKCU\Software\YahooPartnerToolbar
Sleutel Aanwezig : HKLM\SOFTWARE\5dedfdab03de448
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Sleutel Aanwezig : HKLM\Software\Conduit
Sleutel Aanwezig : HKLM\Software\DataMngr
Sleutel Aanwezig : HKLM\Software\Iminent
Sleutel Aanwezig : HKLM\Software\ImInstaller
Sleutel Aanwezig : HKLM\Software\Messenger Plus!\OpenCandy
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{824F0F1C-7395-48F4-953F-192006547DD2}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Aanwezig : HKLM\Software\SoftwareUpdater
Sleutel Aanwezig : HKLM\Software\Tarma Installer
Sleutel Aanwezig : HKLM\Software\Vuze_Remote
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
***** *****
-\\ Internet Explorer v8.0.6001.18702
Het register bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
Hallo,
Het is jammer genoeg niet helemaal goed gegaan:
Voor XP: Gewoon dubbelklikken op AdwCleaner.
Klik vervolgens op Verwijderen. (dit had je niet gedaan doe het als nog)
Plaats daarna het logje.
Wanneer de scan voltooid is, klik op OK, daarna “Bekijk Resultaten” om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde. (hier had je ook niet op verwijderen gedrukt doe dat nog als nog)
P;laats daarna het llogje.
En ik mis het RSIT logje.
Gr.Ben
Hallo Ben ,Sorry !
# AdwCleaner v2.303 - Verslag gemaakt op 01/07/2013 om 17:27:58
# Geactualiseerd op 08/06/2013 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : Admin - FAMILIE
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\RVY2SCU8\adwcleaner.exe
# Optie
***** *****
***** *****
File Verwijderd : C:\user.js
Map Verwijderd : C:\Documents and Settings\Admin\Application Data\Babylon
Map Verwijderd : C:\Documents and Settings\Admin\Application Data\DriverCure
Map Verwijderd : C:\Documents and Settings\Admin\Application Data\eType
Map Verwijderd : C:\Documents and Settings\Admin\Application Data\PerformerSoft
Map Verwijderd : C:\Documents and Settings\Admin\Local Settings\Application Data\Conduit
Map Verwijderd : C:\Documents and Settings\Admin\Local Settings\Application Data\PackageAware
Map Verwijderd : C:\Documents and Settings\All Users\Application Data\Babylon
Map Verwijderd : C:\Documents and Settings\All Users\Application Data\DriverCure
Map Verwijderd : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Map Verwijderd : C:\Program Files\Common Files\spigot
***** *****
Sleutel Verwijderd : HKCU\Software\1ClickDownload
Sleutel Verwijderd : HKCU\Software\5dedfdab03de448
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Search Settings
Sleutel Verwijderd : HKCU\Software\AutoLyrics
Sleutel Verwijderd : HKCU\Software\Conduit
Sleutel Verwijderd : HKCU\Software\ConduitSearchScopes
Sleutel Verwijderd : HKCU\Software\DataMngr
Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar
Sleutel Verwijderd : HKCU\Software\DSNR Labs
Sleutel Verwijderd : HKCU\Software\IM
Sleutel Verwijderd : HKCU\Software\ImInstaller
Sleutel Verwijderd : HKCU\Software\InstallCore
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F001652-AF51-45C6-B029-86E0265A1851}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F001652-AF51-45C6-B029-86E0265A1851}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DAEB9E85-4694-4F9B-85CB-2F28987872D7}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Sleutel Verwijderd : HKCU\Software\PriceGong
Sleutel Verwijderd : HKCU\Software\SmartBar
Sleutel Verwijderd : HKCU\Software\Softonic
Sleutel Verwijderd : HKCU\Software\Vuze_Remote
Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
Sleutel Verwijderd : HKLM\SOFTWARE\5dedfdab03de448
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Sleutel Verwijderd : HKLM\Software\Conduit
Sleutel Verwijderd : HKLM\Software\DataMngr
Sleutel Verwijderd : HKLM\Software\Iminent
Sleutel Verwijderd : HKLM\Software\ImInstaller
Sleutel Verwijderd : HKLM\Software\Messenger Plus!\OpenCandy
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{824F0F1C-7395-48F4-953F-192006547DD2}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Sleutel Verwijderd : HKLM\Software\SoftwareUpdater
Sleutel Verwijderd : HKLM\Software\Tarma Installer
Sleutel Verwijderd : HKLM\Software\Vuze_Remote
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
***** *****
-\\ Internet Explorer v8.0.6001.18702
Het register bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
Sorry ben hier is het alsnog
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-07-01 17:42:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 19 GB (51%) free of 38 GB
Total RAM: 1014 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:43:02, on 1-7-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\EU18HDCR\RSIT.exe
C:\Program Files\trend micro\Admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: “C:\Program Files\IObit\IObit Malware Fighter\IMF.exe” /autostart
O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)
O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: *.dell.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
–
End of file - 6016 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\ConfigExec.job
C:\WINDOWS\tasks\DataUpload.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SmartDefrag.job
======Registry dump======
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
“IObit Malware Fighter”=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
“avast”=C:\Program Files\AVAST Software\Avast\avastUI.exe
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe
c:\program files\belgium identity card\beid certprop\beidsccertprop.exe
c:\program files\canon\myprinter\bjmyprt.exe
c:\program files\ahead\incd\incd.exe
c:\program files\messenger\msmsgs.exe
c:\windows\system32\nerocheck.exe
c:\program files\common files\java\java update\jusched.exe
c:\program files\tomtom home 2\tomtomhomerunner.exe
“Nero BackItUp Scheduler 4.0”=2
“WMPNetworkSvc”=3
“JavaQuickStarterService”=2
C:\WINDOWS\system32\igfxdev.dll
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoDriveTypeAutoRun”=145
“NoInstrumentation”=1
“HonorAutoRunSetting”=1
“NoResolveSearch”=1
“%windir%\Network Diagnostic\xpnetdiag.exe”=“%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000”
“%windir%\system32\sessmgr.exe”=“%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019”
“C:\WINDOWS\system32\mmc.exe”=“C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console”
“C:\Program Files\Internet Explorer\iexplore.exe”="C:\Program Files\Internet Explorer\iexplore.exe:*
isabled:Internet Explorer"
“C:\Program Files\Messenger\msmsgs.exe”=“C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger”
“C:\Program Files\Veetle\Player\VeetleNet.exe”=“C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet”
“C:\Program Files\TeamViewer\Version8\TeamViewer.exe”=“C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application”
“C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe”=“C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service”
“C:\Program Files\Skype\Phone\Skype.exe”=“C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype”
“%windir%\Network Diagnostic\xpnetdiag.exe”=“%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000”
“%windir%\system32\sessmgr.exe”=“%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019”
“C:\Program Files\BearShare Applications\BearShare\BearShare.exe”=“C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare”
“C:\Program Files\Veetle\Player\VeetleNet.exe”=“C:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet”
“midimapper”=midimap.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msadpcm”=msadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.trspch”=tssoft32.acm
“vidc.cvid”=iccvid.dll
“VIDC.I420”=msh263.drv
“vidc.iv31”=ir32_32.dll
“vidc.iv32”=ir32_32.dll
“vidc.iv41”=ir41_32.ax
“VIDC.IYUV”=iyuv_32.dll
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVU9”=tsbyuv.dll
“VIDC.YVYU”=msyuv.dll
“wavemapper”=msacm32.drv
“msacm.msg723”=msg723.acm
“vidc.M263”=msh263.drv
“vidc.M261”=msh261.drv
“msacm.msaudio1”=msaud32.acm
“msacm.sl_anet”=sl_anet.acm
“msacm.iac2”=C:\WINDOWS\system32\iac25_32.ax
“vidc.iv50”=ir50_32.dll
“msacm.l3acm”=C:\WINDOWS\system32\l3codeca.acm
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“MSVideo8”=VfWWDM32.dll
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux”=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-07-01 17:42:52 —-D—- C:\Program Files\trend micro
2013-07-01 17:42:50 —-D—- C:\rsit
2013-07-01 17:27:58 —-A—- C:\AdwCleaner.txt
2013-07-01 17:27:28 —-A—- C:\AdwCleaner.txt
2013-07-01 17:18:10 —-A—- C:\WINDOWS\SchedLgU.Txt
2013-07-01 10:51:47 —-A—- C:\WINDOWS\system32\drivers\aswSP.sys
2013-07-01 10:51:47 —-A—- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-07-01 10:51:45 —-A—- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-07-01 10:51:44 —-A—- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-07-01 10:51:43 —-A—- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-07-01 10:51:42 —-A—- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-07-01 10:51:41 —-A—- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-07-01 10:51:39 —-A—- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-07-01 10:50:40 —-D—- C:\Program Files\ESET
2013-07-01 10:50:16 —-A—- C:\WINDOWS\avastSS.scr
2013-07-01 10:25:46 —-D—- C:\Documents and Settings\Admin\Application Data\Malwarebytes
2013-07-01 10:25:30 —-D—- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-07-01 10:25:29 —-D—- C:\Program Files\Malwarebytes' Anti-Malware
2013-07-01 10:25:29 —-A—- C:\WINDOWS\system32\drivers\mbam.sys
2013-07-01 10:23:27 —-A—- C:\AdwCleaner.txt
2013-06-26 11:27:30 —-D—- C:\Documents and Settings\Admin\Application Data\Avira
2013-06-24 14:03:12 —-D—- C:\Program Files\Common Files\Skype
2013-06-24 14:03:08 —-RD—- C:\Program Files\Skype
2013-06-24 10:58:19 —-D—- C:\Program Files\Microsoft Download Manager
2013-06-21 15:50:38 —-A—- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2013-06-20 16:16:04 —-D—- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2013-06-20 15:09:08 —-D—- C:\Program Files\Enigma Software Group
2013-06-20 15:08:12 —-D—- C:\WINDOWS\E89498D814304A2BA76A4A71326981E9.TMP
2013-06-20 15:07:56 —-D—- C:\Program Files\Common Files\Wise Installation Wizard
2013-06-14 10:21:51 —-HDC—- C:\WINDOWS\$NtUninstallKB2808679$
2013-06-12 18:22:02 —-HDC—- C:\WINDOWS\$NtUninstallKB2839229$
======List of files/folders modified in the last 1 month======
2084-03-09 10:57:00 —-AC—- C:\WINDOWS\system32\npDeployJava1.dll
2084-03-09 10:57:00 —-AC—- C:\WINDOWS\system32\deployJava1.dll
2013-07-01 17:42:57 —-D—- C:\WINDOWS\Prefetch
2013-07-01 17:42:52 —-D—- C:\Program Files
2013-07-01 17:39:01 —-D—- C:\WINDOWS\Temp
2013-07-01 17:28:03 —-D—- C:\Program Files\Common Files
2013-07-01 17:18:55 —-D—- C:\WINDOWS
2013-07-01 17:17:52 —-D—- C:\WINDOWS\Debug
2013-07-01 13:12:57 —-D—- C:\WINDOWS\system32\CatRoot2
2013-07-01 13:12:07 —-D—- C:\WINDOWS\system32\drivers
2013-07-01 10:51:42 —-SD—- C:\WINDOWS\Tasks
2013-07-01 10:51:14 —-SHD—- C:\WINDOWS\Installer
2013-07-01 10:51:14 —-D—- C:\Config.Msi
2013-07-01 10:51:13 —-D—- C:\WINDOWS\WinSxS
2013-07-01 10:51:02 —-SD—- C:\WINDOWS\Downloaded Program Files
2013-07-01 10:49:02 —-D—- C:\Program Files\AVAST Software
2013-07-01 10:49:02 —-D—- C:\Documents and Settings\All Users\Application Data\AVAST Software
2013-07-01 10:08:24 —-D—- C:\WINDOWS\system32\config
2013-06-30 22:16:29 —-D—- C:\Documents and Settings\Admin\Application Data\Skype
2013-06-27 09:45:36 —-D—- C:\WINDOWS\system32
2013-06-26 11:15:10 —-SD—- C:\WINDOWS\system32\Microsoft
2013-06-26 11:09:54 —-D—- C:\Documents and Settings\Admin\Application Data\Adobe
2013-06-26 11:09:51 —-D—- C:\Program Files\Common Files\Adobe
2013-06-26 11:09:51 —-D—- C:\Program Files\Adobe
2013-06-24 14:03:32 —-D—- C:\Documents and Settings\All Users\Application Data\Skype
2013-06-24 11:06:16 —-SD—- C:\Documents and Settings\Admin\Application Data\Microsoft
2013-06-24 11:01:04 —-D—- C:\Program Files\Microsoft Office
2013-06-24 11:00:55 —-D—- C:\Program Files\Common Files\Microsoft Shared
2013-06-20 16:23:24 —-AC—- C:\WINDOWS\wininit.ini
2013-06-20 16:23:22 —-SD—- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-06-20 15:09:29 —-HD—- C:\WINDOWS\inf
2013-06-14 11:42:50 —-D—- C:\WINDOWS\Microsoft.NET
2013-06-14 11:42:49 —-RSD—- C:\WINDOWS\assembly
2013-06-14 10:32:58 —-AC—- C:\WINDOWS\system32\PerfStringBackup.INI
2013-06-14 10:22:27 —-RSHDC—- C:\WINDOWS\system32\dllcache
2013-06-12 20:06:26 —-AC—- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-12 18:37:17 —-D—- C:\Program Files\Internet Explorer
2013-06-12 18:16:25 —-AC—- C:\WINDOWS\system32\MRT.exe
2013-06-12 18:15:47 —-D—- C:\WINDOWS\ie8updates
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys
R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys
R3 QCDonner;Logitech QuickCam Express; C:\WINDOWS\system32\DRIVERS\OVCD.sys
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys
R3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys
S1 MpKslf3c47e4b;MpKslf3c47e4b; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{59E42ABA-243A-4B65-BCBD-7B79BB14B092}\MpKslf3c47e4b.sys
S3 AR5523;Gigaset USB Adapter 108; C:\WINDOWS\system32\DRIVERS\ar5523.sys
S3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\CBTNDIS5.SYS
S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
S3 cxbu0wdm;OMNIKEY 3x21; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys
S3 odysseyIM4;Odyssey Network Agent Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys
S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\drivers\usbser.sys
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys
S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys
S4 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
S3 MatSvc;Microsoft Automated Troubleshooting Service; C:\Program Files\Microsoft Fix it Center\Matsvc.exe
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
S4 NetTcpPortSharing;Net.Tcp service voor het delen van poorten; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
S4 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe
Hallo,
>>>Hallo Ben ,Sorry !<<<
Geeft niet hoor 
Download zoek.exe naar het bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
* Dubbelklik op Zoek.exe om de tool te starten.
* Kopieer nu het onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
firefoxlook;
chromelook;
{18DF081C-E8AD-4283-A596-FA578C2EBDC3};c
{9030D464-4C02-4ABF-8ECC-5164760863C6};c
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081};c
standardsearch;
filesrcm;
autoclean;
startupall;
*Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post nu de inhoud van het geopende logje in het volgende bericht.
Gr.Ben
Hier de log Ben en dank je wel voor je hulp.
Zoek.exe Version 4.0.0.3 Updated 27-June-2013
Tool run by Admin on ma 01-07-2013 at 21:39:45,90.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
==== Older Logs ======================
C:\zoek-results01-07-2013-2138.log 394 bytes
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1229272821-2147023445-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-1229272821-2147023445-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-1229272821-2147023445-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\EU18HDCR\zoek.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
“C:\Documents and Settings\Admin\Application Data\desktop.ini” deleted
“C:\found.000” deleted
“C:\WINDOWS\System32\searchplugins” deleted
“C:\WINDOWS\System32\Extensions” deleted
==== System Specs ======================
Windows: Windows XP Home Edition Service Pack 3 (Build 2600)
Memory (RAM): 1015 MB
CPU Info: Intel(R) Pentium(R) 4 CPU 2.80GHz
CPU Speed: 2772,8 MHz
Sound Card: SoundMAX Digital Audio |
Display Adapters: Intel(R) 82915G/GV/910GL Express Chipset Family | Intel(R) 82915G/GV/910GL Express Chipset Family | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Plug en Play-monitor | Plug en Play-monitor |
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Broadcom NetXtreme 57xx Gigabit Controller - Pakketplanner-minipoort
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GSA-4160B
Ports: COM1 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 37,2GB
Hard Disks - Free: C: 18,9GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 02/09/05 | DELL - 7
Time Zone: West-Europa (standaardtijd)
Motherboard *: Dell Inc. 0U4100
Internet Explorer Version: 8.0.6001.18702
Sun Java version: 1.7.0_21
Country: Nederland
Language: NLD
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2013-07-01 15:18:10 3294F199AA45ADAB31097822810A6221 8932 —-a-w- C:\WINDOWS\SchedLgU.Txt
2013-07-01 08:50:16 E9C8673674ECF840EE59ED805DBE9966 41664 —-a-w- C:\WINDOWS\avastSS.scr
====== C:\DOCUME~1\Admin\LOCALS~1\Temp ====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
2013-07-01 08:52:09 FAF091AA45A6A6CF3CF94FE065950956 175 —-a-w- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
2013-07-01 08:52:09 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 —-a-w- C:\WINDOWS\System32\drivers\aswSP.sys.sum
2013-07-01 08:52:09 22EA82FFE8CA4965C1994F24C35DC202 175 —-a-w- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
2013-07-01 08:51:47 937300BC7C4CDF7576BCCE44E19BBB9D 369584 —-a-w- C:\WINDOWS\System32\drivers\aswSP.sys
2013-07-01 08:51:47 4AF5F360BA1E8794D32B366E45A64A0A 29816 —-a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys
2013-07-01 08:51:45 7B43265F92257A21CBFD88E7A651044C 49760 —-a-w- C:\WINDOWS\System32\drivers\aswRdr.sys
2013-07-01 08:51:44 1F71F170D90E42EFDE9633D81D5E12DC 56080 —-a-w- C:\WINDOWS\System32\drivers\aswTdi.sys
2013-07-01 08:51:43 CCD565A8A72AF7D45F9A242013870926 770344 —-a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2013-07-01 08:51:42 8CFAA2B965773A653F48F1207A9CB9C4 175176 —-a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2013-07-01 08:51:41 B680134BA1813B78B47FDD1DFF223CA5 49376 —-a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2013-07-01 08:51:39 1F7094D4268D46F718C51286DC189791 66336 —-a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2013-07-01 08:25:29 4470E3C1E0C3378E4CAB137893C12C3A 22856 —-a-w- C:\WINDOWS\System32\drivers\mbam.sys
2013-06-21 13:50:38 14BB60A4F1C5291217A05D5728C403E6 14776 —-a-w- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
====== C:\WINDOWS\Tasks ======
2013-07-01 08:51:42 9E8398DC8B0B83F81C0C89B6842568FB 362 —ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-07-01 15:42:52 ——– d—–w- C:\Program Files\trend micro
2013-07-01 08:50:40 ——– d—–w- C:\Program Files\ESET
2013-06-24 12:03:12 ——– d—–w- C:\Program Files\Common Files\Skype
2013-06-24 12:03:08 ——– d—–r- C:\Program Files\Skype
2013-06-24 08:58:19 ——– d—–w- C:\Program Files\Microsoft Download Manager
2013-06-20 13:09:08 ——– d—–w- C:\Program Files\Enigma Software Group
2013-06-20 13:07:56 ——– d—–w- C:\Program Files\Common Files\Wise Installation Wizard
======= C: =====
2013-07-01 15:27:58 CDC08BE755596B9D7B25DF11F5A2E476 9350 —-a-w- C:\AdwCleaner.txt
2013-07-01 15:27:28 C460E5FD13DDB6709B5E49F081A3BAF4 9476 —-a-w- C:\AdwCleaner.txt
2013-07-01 08:23:27 FEC7F76DA771145E0ECE6B881F1BB3DF 9416 —-a-w- C:\AdwCleaner.txt
====== C:\Documents and Settings\Admin\Application Data ======
2013-07-01 08:51:48 ——– d—–w- C:\Documents and Settings\All Users\Menu Start\Programma's\avast! Free Antivirus
2013-06-26 09:27:30 ——– d—–w- C:\Documents and Settings\Admin\Application Data\Avira
2013-06-24 12:03:14 ——– d—–w- C:\Documents and Settings\All Users\Menu Start\Programma's\Skype
2013-06-24 08:58:20 ——– d—–w- C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Download Manager
2013-06-20 14:16:04 ——– d—–w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
====== C:\Documents and Settings\Admin ======
2013-06-27 07:42:07 ——– d–h–r- C:\Documents and Settings\Admin\Onlangs geopend
====== C: exe-files ==
2013-07-01 15:42:53 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Admin.exe
2013-07-01 08:50:43 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2013-07-01 08:50:42 CE0D0B11986FD2C0247AE88A59B36A6E 579904 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2013-07-01 08:50:42 BDB7D97012F9B3102DB72AA76A24942A 546944 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
2013-07-01 08:50:42 7ABF8849E76732C357F419B1AF5668F2 546944 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2013-07-01 08:50:41 7C9EEC809FB9CDA26EFC245C001EA980 2347384 —-a-w- C:\Program Files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
=== C: other files ==
2013-07-01 08:51:47 937300BC7C4CDF7576BCCE44E19BBB9D 369584 —-a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2013-07-01 08:51:47 4AF5F360BA1E8794D32B366E45A64A0A 29816 —-a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-07-01 08:51:45 7B43265F92257A21CBFD88E7A651044C 49760 —-a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-07-01 08:51:44 1F71F170D90E42EFDE9633D81D5E12DC 56080 —-a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-07-01 08:51:43 CCD565A8A72AF7D45F9A242013870926 770344 —-a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-07-01 08:51:42 8CFAA2B965773A653F48F1207A9CB9C4 175176 —-a-w- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-07-01 08:51:41 B680134BA1813B78B47FDD1DFF223CA5 49376 —-a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-07-01 08:51:39 1F7094D4268D46F718C51286DC189791 66336 —-a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-07-01 08:25:29 4470E3C1E0C3378E4CAB137893C12C3A 22856 —-a-w- C:\WINDOWS\system32\drivers\mbam.sys
==== Startup Registry Enabled ======================
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe”
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”
“IObit Malware Fighter”=“C:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart”
“avast”=“C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui”
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe”
==== Startup Registry Disabled ======================
“command”=“c:\\program files\\belgium identity card\\beid certprop\\beidsccertprop.exe”
“hkey”=“HKLM”
“item”=“beidsccertprop”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“c:\\program files\\canon\\myprinter\\bjmyprt.exe /logon”
“hkey”=“HKLM”
“item”=“CanonMyPrinter”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“c:\\program files\\ahead\\incd\\incd.exe”
“hkey”=“HKLM”
“item”=“InCD”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“\”c:\\program files\\messenger\\msmsgs.exe\“ /background”
“hkey”=“HKCU”
“item”=“MSMSGS”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“c:\\windows\\system32\\nerocheck.exe”
“hkey”=“HKLM”
“item”=“NeroFilterCheck”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“c:\\program files\\common files\\java\\java update\\jusched.exe”
“hkey”=“HKLM”
“item”=“SunJavaUpdateSched”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“command”=“c:\\program files\\tomtom home 2\\tomtomhomerunner.exe”
“hkey”=“HKCU”
“item”=“TomTomHOME.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job –a–c— C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast\Undetermined Task.exe
C:\WINDOWS\tasks\ConfigExec.job –ah-c— C:\WINDOWS\system32\rundll32SC:\Program Files\Microsoft Fix it Center\MatsApi.dll
C:\WINDOWS\tasks\DataUpload.job –ah-c— C:\WINDOWS\system32\rundll32GC:\Program Files\Microsoft Fix itC:enter\MatsApi.dll
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job –a–c— C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job –a–c— C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\tasks\SmartDefrag.job –a–c— C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\0
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi
==== Firefox Plugins ======================
==== Deleting Files \ Folders ======================
“C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi” deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files\OnlineHD.TV\onhd11.crx
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx
pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.startpagina.nl/”
New Values:
“Start Page”=“http://www.startpagina.nl/”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{B6288F44-94F0-4E88-BEC7-3FAECE5E74B1}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{B6288F44-94F0-4E88-BEC7-3FAECE5E74B1} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_nlBE454”
{EABA152D-45C7-4F31-ACB8-1C4DA4850CFE} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1229272821-2147023445-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-1229272821-2147023445-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
==== HijackThis Entries ======================
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: “C:\Program Files\IObit\IObit Malware Fighter\IMF.exe” /autostart
O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)
O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: *.dell.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
==== Empty IE Cache ======================
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\EU18HDCR will be deleted at reboot
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Admin\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
“C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not deleted
“C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not deleted
“C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\EU18HDCR” not found
==== EOF on ma 01-07-2013 at 22:02:05,67 ======================
Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.
Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's