Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

HyperText Transfer Protocol

None
21 antwoorden
  • Hallo,

    Wie kan mij helpen om zeer vervelende popups tijdens het surfen te verwijderen.

    content.yieldmanager.edgesuite.net/atoms

    ellebo868
  • We gaan eens kijken:

  • Geachte Abraham54,

    Hierbij de logfile, ik hoop dat ik het goed gedaan heb ben niet zo handig op de computer.

    # AdwCleaner v2.004 - Verslag gemaakt op 12/10/2012 om 13:50:39
    # Geactualiseerd op 06/10/2012 door Xplode
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)
    # Gebruiker : Boudewijn - BOUDEWIJN-PC
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Boudewijn\Desktop\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    File Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\searchplugins\Conduit.xml
    Map Verwijdert : C:\Program Files\Bandoo
    Map Verwijdert : C:\Program Files\Conduit
    Map Verwijdert : C:\Program Files\Ilivid
    Map Verwijdert : C:\ProgramData\Babylon
    Map Verwijdert : C:\Users\BOUDEW~1\AppData\Local\Temp\CT2481029
    Map Verwijdert : C:\Users\Boudewijn\AppData\Local\Babylon
    Map Verwijdert : C:\Users\Boudewijn\AppData\Local\Conduit
    Map Verwijdert : C:\Users\Boudewijn\AppData\Local\Ilivid Player
    Map Verwijdert : C:\Users\Boudewijn\AppData\LocalLow\Bandoo
    Map Verwijdert : C:\Users\Boudewijn\AppData\LocalLow\Conduit
    Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Babylon
    Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Bandoo
    Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\ConduitCommon
    Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\CT2481029
    Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\extensions\{0734d757-fea6-4637-a7e4-2bd40a7fd8da}
    Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\extensions\ffxtlbr@babylon.com

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
    Sleutel Verwijdert : HKCU\Software\ilivid
    Sleutel Verwijdert : HKCU\Software\IM
    Sleutel Verwijdert : HKCU\Software\ImInstaller
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Sleutel Verwijdert : HKCU\Software\Softonic
    Sleutel Verwijdert : HKLM\Software\Babylon
    Sleutel Verwijdert : HKLM\Software\Bandoo
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2481029
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3242338
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\Freeze.com
    Sleutel Verwijdert : HKLM\Software\ImInstaller
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v6.0.2 (nl)

    Profielnaam : default
    File : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\prefs.js

    C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\user.js … Verwijdert !

    Verwijdert : user_pref("CT2481029..clientLogIsEnabled", false);
    Verwijdert : user_pref("CT2481029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[…]
    Verwijdert : user_pref("CT2481029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[…]
    Verwijdert : user_pref("CT2481029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Verwijdert : user_pref("CT2481029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx";);
    Verwijdert : user_pref("CT2481029.BrowserCompStateIsOpen_129469764804250079", true);
    Verwijdert : user_pref("CT2481029.BrowserCompStateIsOpen_129781026659396735", true);
    Verwijdert : user_pref("CT2481029.CTID", "CT2481029";);
    Verwijdert : user_pref("CT2481029.CurrentServerDate", "21-4-2012";);
    Verwijdert : user_pref("CT2481029.DSInstall", true);
    Verwijdert : user_pref("CT2481029.DialogsAlignMode", "LTR";);
    Verwijdert : user_pref("CT2481029.DialogsGetterLastCheckTime", "Sat Apr 21 2012 14:24:03 GMT+0200";);
    Verwijdert : user_pref("CT2481029.DownloadReferralCookieData", "";);
    Verwijdert : user_pref("CT2481029.FirstServerDate", "21-4-2012";);
    Verwijdert : user_pref("CT2481029.FirstTime", true);
    Verwijdert : user_pref("CT2481029.FirstTimeFF3", true);
    Verwijdert : user_pref("CT2481029.FixPageNotFoundErrors", true);
    Verwijdert : user_pref("CT2481029.GroupingServerCheckInterval", 1440);
    Verwijdert : user_pref("CT2481029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/";);
    Verwijdert : user_pref("CT2481029.HPInstall", true);
    Verwijdert : user_pref("CT2481029.HasUserGlobalKeys", true);
    Verwijdert : user_pref("CT2481029.HomePageProtectorEnabled", true);
    Verwijdert : user_pref("CT2481029.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2481029&SearchSource=[…]
    Verwijdert : user_pref("CT2481029.Initialize", true);
    Verwijdert : user_pref("CT2481029.InitializeCommonPrefs", true);
    Verwijdert : user_pref("CT2481029.InstallationAndCookieDataSentCount", 1);
    Verwijdert : user_pref("CT2481029.InstallationId", "ConduitNSISIntegration";);
    Verwijdert : user_pref("CT2481029.InstallationType", "ConduitXPEIntegration";);
    Verwijdert : user_pref("CT2481029.InstalledDate", "Sat Apr 21 2012 14:24:04 GMT+0200";);
    Verwijdert : user_pref("CT2481029.InvalidateCache", false);
    Verwijdert : user_pref("CT2481029.IsGrouping", false);
    Verwijdert : user_pref("CT2481029.IsInitSetupIni", true);
    Verwijdert : user_pref("CT2481029.IsMulticommunity", false);
    Verwijdert : user_pref("CT2481029.IsOpenThankYouPage", false);
    Verwijdert : user_pref("CT2481029.IsOpenUninstallPage", false);
    Verwijdert : user_pref("CT2481029.IsProtectorsInit", true);
    Verwijdert : user_pref("CT2481029.LanguagePackLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";);
    Verwijdert : user_pref("CT2481029.LanguagePackReloadIntervalMM", 1440);
    Verwijdert : user_pref("CT2481029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[…]
    Verwijdert : user_pref("CT2481029.LastLogin_3.10.0.1", "Sat Apr 21 2012 14:24:07 GMT+0200";);
    Verwijdert : user_pref("CT2481029.LatestVersion", "3.12.0.7";);
    Verwijdert : user_pref("CT2481029.Locale", "nl";);
    Verwijdert : user_pref("CT2481029.MCDetectTooltipHeight", "83";);
    Verwijdert : user_pref("CT2481029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@
    ank/tooltip/?version=1";);
    Verwijdert : user_pref("CT2481029.MCDetectTooltipWidth", "295";);
    Verwijdert : user_pref("CT2481029.MyStuffEnabledAtInstallation", true);
    Verwijdert : user_pref("CT2481029.OriginalFirstVersion", "3.10.0.1";);
    Verwijdert : user_pref("CT2481029.RadioIsPodcast", false);
    Verwijdert : user_pref("CT2481029.RadioLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";);
    Verwijdert : user_pref("CT2481029.RadioLastUpdateIPServer", "3";);
    Verwijdert : user_pref("CT2481029.RadioLastUpdateServer", "3";);
    Verwijdert : user_pref("CT2481029.RadioMediaID", "9962";);
    Verwijdert : user_pref("CT2481029.RadioMediaType", "Media Player";);
    Verwijdert : user_pref("CT2481029.RadioMenuSelectedID", "EBRadioMenu_CT24810299962";);
    Verwijdert : user_pref("CT2481029.RadioShrinkedFromSetup", false);
    Verwijdert : user_pref("CT2481029.RadioStationName", "California%20Rock";);
    Verwijdert : user_pref("CT2481029.RadioStationURL", "hxxp://feedlive.net/california.asx";);
    Verwijdert : user_pref("CT2481029.SavedHomepage", "hxxp://www.google.nl/ig?rls=ig&hl=nl&source=iglk|hxxp://www.go[…]
    Verwijdert : user_pref("CT2481029.SearchCaption", "Ashampoo NL Customized Web Search";);
    Verwijdert : user_pref("CT2481029.SearchEngineBeforeUnload", "Ashampoo NL Customized Web Search";);
    Verwijdert : user_pref("CT2481029.SearchFromAddressBarIsInit", true);
    Verwijdert : user_pref("CT2481029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[…]
    Verwijdert : user_pref("CT2481029.SearchInNewTabEnabled", true);
    Verwijdert : user_pref("CT2481029.SearchInNewTabIntervalMM", 1440);
    Verwijdert : user_pref("CT2481029.SearchInNewTabLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";);
    Verwijdert : user_pref("CT2481029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[…]
    Verwijdert : user_pref("CT2481029.SearchProtectorEnabled", true);
    Verwijdert : user_pref("CT2481029.SearchProtectorToolbarDisabled", false);
    Verwijdert : user_pref("CT2481029.SendProtectorDataViaLogin", true);
    Verwijdert : user_pref("CT2481029.ServiceMapLastCheckTime", "Sat Apr 21 2012 14:24:02 GMT+0200";);
    Verwijdert : user_pref("CT2481029.SettingsLastCheckTime", "Sat Apr 21 2012 14:24:02 GMT+0200";);
    Verwijdert : user_pref("CT2481029.SettingsLastUpdate", "1334747269";);
    Verwijdert : user_pref("CT2481029.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2481029&SearchSource=13";);
    Verwijdert : user_pref("CT2481029.ThirdPartyComponentsInterval", 504);
    Verwijdert : user_pref("CT2481029.ThirdPartyComponentsLastCheck", "Sat Apr 21 2012 14:24:02 GMT+0200";);
    Verwijdert : user_pref("CT2481029.ThirdPartyComponentsLastUpdate", "1256026239";);
    Verwijdert : user_pref("CT2481029.ToolbarShrinkedFromSetup", false);
    Verwijdert : user_pref("CT2481029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481029";);
    Verwijdert : user_pref("CT2481029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[…]
    Verwijdert : user_pref("CT2481029.UserID", "UN46285832918607843";);
    Verwijdert : user_pref("CT2481029.alertChannelId", "874435";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747374747071747C7A7B242F4B4947[…]
    Verwijdert : user_pref("CT2481029.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[…]
    Verwijdert : user_pref("CT2481029.backendstorage./9b-0?3g>d", "6B6D71416A3E43747A74734975204C754E7D25232350222A28[…]
    Verwijdert : user_pref("CT2481029.backendstorage./9b-0?3g@6:5;", "";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[…]
    Verwijdert : user_pref("CT2481029.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[…]
    Verwijdert : user_pref("CT2481029.backendstorage./9b5ba==9cjag", "6D686C693F3F6E447A707048737C7D774E79502151";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E6D73737476727670717B";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b90e@8ff=eg", "393F352F3E";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b9643g3/9e", "6A";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b<:222h64<", "393F352F3E";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b=+03eh8h8j?:", "4443";);
    Verwijdert : user_pref("CT2481029.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[…]
    Verwijdert : user_pref("CT2481029.backendstorage./9b?b0d:8aj62<h", "6D";);
    Verwijdert : user_pref("CT2481029.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B";);
    Verwijdert : user_pref("CT2481029.backendstorage.shoppingapp.gk.exipres", "5468752041707220323620323031322031343A[…]
    Verwijdert : user_pref("CT2481029.backendstorage.shoppingapp.gk.geolocation", "6E65746865726C616E6473";);
    Verwijdert : user_pref("CT2481029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[…]
    Verwijdert : user_pref("CT2481029.globalFirstTimeInfoLastCheckTime", "Sat Apr 21 2012 14:24:03 GMT+0200";);
    Verwijdert : user_pref("CT2481029.homepageProtectorEnableByLogin", true);
    Verwijdert : user_pref("CT2481029.initDone", true);
    Verwijdert : user_pref("CT2481029.isAppTrackingManagerOn", true);
    Verwijdert : user_pref("CT2481029.isFirstRadioInstallation", false);
    Verwijdert : user_pref("CT2481029.myStuffEnabled", true);
    Verwijdert : user_pref("CT2481029.myStuffPublihserMinWidth", 400);
    Verwijdert : user_pref("CT2481029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[…]
    Verwijdert : user_pref("CT2481029.myStuffServiceIntervalMM", 1440);
    Verwijdert : user_pref("CT2481029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[…]
    Verwijdert : user_pref("CT2481029.navigateToUrlOnSearch", false);
    Verwijdert : user_pref("CT2481029.revertSettingsEnabled", true);
    Verwijdert : user_pref("CT2481029.searchProtectorDialogDelayInSec", 10);
    Verwijdert : user_pref("CT2481029.searchProtectorEnableByLogin", true);
    Verwijdert : user_pref("CT2481029.testingCtid", "";);
    Verwijdert : user_pref("CT2481029.toolbarAppMetaDataLastCheckTime", "Sat Apr 21 2012 14:24:03 GMT+0200";);
    Verwijdert : user_pref("CT2481029.toolbarContextMenuLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";);
    Verwijdert : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481029&Search[…]
    Verwijdert : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo NL Customized Web Search";);
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com
    oot/CT2481029/CT2481029[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481029", […]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481029",[…]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=nl", "\"d8c[…]
    Verwijdert : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Boudewijn\\AppData\\Roaming\\Mozill[…]
    Verwijdert : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1";);
    Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?babsrc=adbart[…]
    Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2481029";);
    Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2481029";);
    Verwijdert : user_pref("CommunityToolbar.ToolbarsList4", "CT2481029";);
    Verwijdert : user_pref("CommunityToolbar.globalUserId", "6be9f1a4-43f5-4cac-8ad9-ed5416dd64fd";);
    Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Verwijdert : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2481029";);
    Verwijdert : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Apr 21 2012 14:24:0[…]
    Verwijdert : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com";);
    Verwijdert : user_pref("CommunityToolbar.notifications.locale", "en";);
    Verwijdert : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Verwijdert : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Apr 21 2012 14:24:02 GMT+0200";);
    Verwijdert : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611";);
    Verwijdert : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Verwijdert : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com";);
    Verwijdert : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Verwijdert : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Verwijdert : user_pref("CommunityToolbar.notifications.userId", "13c86405-556c-41de-9440-511104296327";);
    Verwijdert : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.nl/ig?rls=ig&hl=nl&source=iglk|htt[…]
    Verwijdert : user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)";);
    Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com";);
    Verwijdert : user_pref("browser.search.defaultenginename", "Search the web (Babylon)";);
    Verwijdert : user_pref("browser.search.defaultthis.engineName", "Ashampoo NL Customized Web Search";);
    Verwijdert : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481029&Sea[…]
    Verwijdert : user_pref("browser.search.order.1", "Search the web (Babylon)";);
    Verwijdert : user_pref("browser.search.selectedEngine", "Ashampoo NL Customized Web Search";);
    Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2481029&SearchSource=13";);
    Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "orgnl";);
    Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 21);
    Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "nl";);
    Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 21);
    Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "";);
    Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0";);
    Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb";);
    Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 73571048);
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 1);
    Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "free";);
    Verwijdert : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.1.9,{0734d757-fea6-4637-a7e4-2bd40a7fd8[…]
    Verwijdert : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=adbartrp&affID=19764&mntrId=e8bbb17c0000[…]

    *************************

    AdwCleaner[S1].txt - [21771 octets] - [12/10/2012 13:50:39]

  • Hallo Abraham54,

    Hier het tweede log.

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
    Run by Boudewijn at 14:19:44 on 2012-10-12
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.2388 [GMT 2:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32
    vvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display
    vxdsync.exe
    C:\Windows\system32
    vvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\HiYo\Bin\HiYo.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Nero\Update\NASvc.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/ig
    uURLSearchHooks: H - No File
    uURLSearchHooks: H - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: IEToolbar.BHO: {1d970ed5-3eda-438d-bffd-715931e2775b} - mscoree.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
    BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    TB: MoneyMillionaire Toolbar: {d28c7e56-2cc6-415c-8727-d71334085926} - mscoree.dll
    TB: {0734D757-FEA6-4637-A7E4-2BD40A7FD8DA} - No File
    TB: {37E17185-B07A-47B3-BD86-C675E4E4B89A} - No File
    EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
    mRun: [Hiyo] c:\program files\hiyo\bin\HiYo.exe /RunFromStartup
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
    DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} - hxxp://www.smartphoto.nl/ExtraFilmUploader6.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://217.123.26.196/activex/AMC.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{6DD001BA-A2A1-4F28-A144-A537AC82A278} : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{6DD001BA-A2A1-4F28-A144-A537AC82A278}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{6DD001BA-A2A1-4F28-A144-A537AC82A278}\2656C6B696E6E233636683 : DhcpNameServer = 192.168.2.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SEH: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - SABShellExecuteHook Class
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    Hosts: 74.55.76.230 www.google-analytics.com.
    Hosts: 74.55.76.230 ad-emea.doubleclick.net.
    Hosts: 74.55.76.230 www.statcounter.com.
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\boudewijn\appdata\roaming\mozilla\firefox\profiles\mapr5jej.default\
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\progra~1\common~1
    ero\browse~1
    pBrowserPlugin.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air
    ppdf32.dll
    FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll
    FF - plugin: c:\program files\google\google earth\plugin
    pgeplugin.dll
    FF - plugin: c:\program files\google\picasa3
    pPicasa3.dll
    FF - plugin: c:\program files\google\update\1.3.21.111
    pGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2
    pdeployJava1.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2
    pjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0
    pctrlui.dll
    FF - plugin: c:\program files\televisionfanaticei\installr\1.bin\NP64EISb.dll
    FF - plugin: c:\program files\veetle\plugins
    pVeetle.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\moneymiljonair+\ffextension20120109162552\plugins
    pdf.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
    R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2011-11-7 56496]
    R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2011-11-7 12464]
    R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2011-4-2 752128]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/04/03 12:03:40];c:\program files\cyberlink\powerdvd10
    avfilter\000.fcl [2010-6-28 87536]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
    R2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2011-4-2 3246040]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-6 399432]
    R2 NAUpdate;Nero Update;c:\program files
    ero\update\NASvc.exe [2011-9-23 641832]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files
    vidia corporation
    vidia updatus\daemonu.exe [2011-8-2 2214504]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-5-7 1051976]
    R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2011-4-2 167968]
    R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\drivers
    etr28u.sys [2009-6-10 657408]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 DiscountfinderService;DiscountfinderService;"c:\programdata\moneymiljonair+\dfservice.exe" –> c:\programdata\moneymiljonair+\DFService.exe [?]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-1 136176]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-10-6 676936]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 250808]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-1 136176]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-10-6 22856]
    S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]
    S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-4-6 15872]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-6 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2011-4-2 1343400]
    .
    =============== Created Last 30 ================
    .
    2012-10-12 11:42:23 6980552 —-a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d50f3960-3670-4e0c-8bb2-eee8c7c97aae}\mpengine.dll
    2012-10-12 08:44:20 ——– d—–w- c:\users\boudewijn\appdata\local\{3FC853AB-3F31-4093-901A-C3D2CEA7B04E}
    2012-10-11 08:43:39 ——– d—–w- c:\users\boudewijn\appdata\local\{0B1D49E1-BAF7-4ABA-A452-C3A0B859E395}
    2012-10-10 09:52:58 6980552 ——w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2012-10-10 09:41:32 ——– d—–w- c:\users\boudewijn\appdata\local\{009F50AE-C443-4CB1-8A77-BE31E5117A52}
    2012-10-09 20:13:34 ——– d—–w- c:\users\boudewijn\appdata\local\{EDF85E04-1F41-45BD-9ACB-9C5091D83B95}
    2012-10-09 08:12:54 ——– d—–w- c:\users\boudewijn\appdata\local\{89DED982-CAA0-4929-B621-4CF77C42D972}
    2012-10-08 12:21:50 ——– d—–w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2012-10-08 11:38:07 ——– d—–w- C:\sh4ldr
    2012-10-08 11:36:28 ——– d—–w- c:\windows\9E897D0FF80441A3966C7BB6EB5B6BE8.TMP
    2012-10-08 09:37:52 2560 —-a-w- c:\windows\_MSRSTRT.EXE
    2012-10-08 08:55:05 ——– d—–w- c:\users\boudewijn\appdata\local\{A6AC49AA-520F-47FD-81F0-0E460A1D7D8F}
    2012-10-07 20:54:07 ——– d—–w- c:\users\boudewijn\appdata\local\{49EF52E3-3891-49FA-B4FD-B67B7546017E}
    2012-10-07 08:53:27 ——– d—–w- c:\users\boudewijn\appdata\local\{0BAC3B99-AF0F-45D5-8160-91763162AE94}
    2012-10-06 19:28:42 ——– d—–w- c:\users\boudewijn\appdata\local\{C9462574-E9C2-4F94-927C-8033C1F630B7}
    2012-10-06 07:45:26 22856 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-06 07:27:39 ——– d—–w- c:\users\boudewijn\appdata\local\{1C343966-CDFB-4DB0-AFCA-A10226634643}
    2012-10-05 08:21:26 740784 ——w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9a48f5a1-5adb-4e1f-911b-a3c37625b00a}\gapaengine.dll
    2012-10-05 08:10:33 ——– d—–w- c:\users\boudewijn\appdata\local\{F7AE42F0-B6CF-44B5-A586-66025F26E3AB}
    2012-10-04 14:32:24 ——– d—–w- c:\program files\Enigma Software Group
    2012-10-04 14:31:36 ——– d—–w- c:\windows\ADAFC0B4FC1545D9BAB3BC7A8829D0C4.TMP
    2012-10-04 14:31:35 ——– d—–w- c:\program files\common files\Wise Installation Wizard
    2012-10-04 09:16:35 ——– d—–w- c:\users\boudewijn\appdata\local\{AF82FDB3-CF68-45E6-B1A9-5EEAC629FC33}
    2012-10-03 10:27:41 245760 —-a-w- c:\windows\system32\OxpsConverter.exe
    2012-10-03 10:19:48 ——– d—–w- c:\users\boudewijn\appdata\local\{C417E9C7-EDE8-409F-8583-F55677BF5C69}
    2012-10-03 09:09:46 ——– d—–w- c:\users\boudewijn\appdata\roaming\Malwarebytes
    2012-10-03 09:09:07 ——– d—–w- c:\programdata\Malwarebytes
    2012-10-03 09:09:06 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2012-10-03 08:17:16 ——– d—–w- c:\users\boudewijn\appdata\local\{43F1FDF3-8BEE-4B92-AD9B-C06B2DEA8795}
    2012-10-02 08:21:43 ——– d—–w- c:\users\boudewijn\appdata\local\{F656761B-3638-45D4-A6BD-CC8F3C7AFB00}
    2012-10-01 06:52:24 ——– d—–w- c:\users\boudewijn\appdata\local\{639C6314-0231-405E-A10D-1022403795D7}
    2012-09-30 09:53:47 ——– d—–w- c:\users\boudewijn\appdata\local\{829A365A-788D-419F-9CE8-2A709E2BCED2}
    2012-09-29 08:04:25 ——– d—–w- c:\users\boudewijn\appdata\local\{1230524C-1557-4CB5-B19E-8141C8DF61BD}
    2012-09-28 07:55:30 ——– d—–w- c:\users\boudewijn\appdata\local\{04BCF117-5DF6-416D-9E1E-2C4D4EFC8901}
    2012-09-27 07:55:52 ——– d—–w- c:\users\boudewijn\appdata\local\{F043416B-D73E-4A36-A034-50088F503370}
    2012-09-26 18:14:47 ——– d—–w- c:\users\boudewijn\appdata\local\{47D0A7FC-56F4-472C-9765-202CE6CE0E99}
    2012-09-26 11:40:32 ——– d—–w- c:\users\boudewijn\appdata\local\{60A00B70-42E4-4EAE-8648-46AA52384C60}
    2012-09-25 11:19:24 ——– d—–w- c:\users\boudewijn\appdata\local\{DCAD03A4-8602-4B1D-91A2-9CC6EEFD84F6}
    2012-09-24 19:26:10 ——– d—–w- c:\users\boudewijn\appdata\local\{7B6CD00F-451E-4EAE-A8FA-41C4265EBC90}
    2012-09-24 07:25:30 ——– d—–w- c:\users\boudewijn\appdata\local\{17340331-40C1-4A30-84D4-3C2A86ED3CDD}
    2012-09-23 08:42:30 ——– d—–w- c:\users\boudewijn\appdata\local\{26CB1B12-C053-4F06-8983-9FE2F8FAFB6C}
    2012-09-22 09:28:03 2382848 —-a-w- c:\windows\system32\mshtml.tlb
    2012-09-22 09:28:03 140936 —-a-w- c:\program files\internet explorer\sqmapi.dll
    2012-09-22 09:28:02 420864 —-a-w- c:\windows\system32\vbscript.dll
    2012-09-22 09:28:02 194048 —-a-w- c:\program files\internet explorer\IEShims.dll
    2012-09-22 09:28:01 142848 —-a-w- c:\windows\system32\ieUnatt.exe
    2012-09-22 09:28:00 194560 —-a-w- c:\program files\internet explorer\ieproxy.dll
    2012-09-22 09:28:00 1129472 —-a-w- c:\windows\system32\wininet.dll
    2012-09-22 09:27:59 748680 —-a-w- c:\program files\internet explorer\iexplore.exe
    2012-09-22 09:27:59 1800704 —-a-w- c:\windows\system32\jscript9.dll
    2012-09-22 09:27:58 678912 —-a-w- c:\program files\internet explorer\iedvtool.dll
    2012-09-22 09:27:58 387584 —-a-w- c:\program files\internet explorer\jsdbgui.dll
    2012-09-22 09:27:57 1427968 —-a-w- c:\windows\system32\inetcpl.cpl
    2012-09-22 09:05:21 ——– d—–w- c:\users\boudewijn\appdata\local\{80AE856B-21F7-44A0-BB36-3B30BC346FB3}
    2012-09-21 07:52:43 ——– d—–w- c:\users\boudewijn\appdata\local\{8964A724-75A8-4220-8EB6-437076946016}
    2012-09-20 08:22:53 ——– d—–w- c:\users\boudewijn\appdata\local\{9E67F89D-01FC-44A8-8D73-3894D4D6E4E6}
    2012-09-19 09:57:40 ——– d—–w- c:\users\boudewijn\appdata\local\{320FC38A-0A34-4C77-9C13-15BD6C28B6BD}
    2012-09-18 09:13:26 ——– d—–w- c:\users\boudewijn\appdata\local\{88204BC5-12A5-4F86-B5EA-4CC6F009DE8A}
    2012-09-17 08:18:56 ——– d—–w- c:\users\boudewijn\appdata\local\{EF6FBC17-7AE2-47B4-BF29-F3A32DC25C84}
    2012-09-16 08:39:27 ——– d—–w- c:\users\boudewijn\appdata\local\{F510A86D-7421-4FA8-80B3-7C853FD69722}
    2012-09-15 09:35:39 ——– d—–w- c:\users\boudewijn\appdata\local\{63ABDCEE-D8B1-4BB1-8AD1-EB4A0A61F2D0}
    2012-09-14 07:38:31 ——– d—–w- c:\users\boudewijn\appdata\local\{139CAE2C-4445-475F-9427-6B23112472CA}
    2012-09-13 09:08:31 ——– d—–w- c:\users\boudewijn\appdata\local\{48E5FE15-EE75-4515-A0EF-5C66973D5918}
    2012-09-12 14:04:40 712048 —-a-w- c:\windows\system32\drivers
    dis.sys
    2012-09-12 14:04:40 33280 —-a-w- c:\windows\system32\drivers\RNDISMP.sys
    2012-09-12 14:04:39 240496 —-a-w- c:\windows\system32\drivers
    etio.sys
    2012-09-12 14:04:39 187760 —-a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-09-12 14:04:39 1292144 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-09-12 14:04:38 490496 —-a-w- c:\windows\system32\d3d10level9.dll
    .
    ==================== Find3M ====================
    .
    2012-10-09 17:15:20 73656 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-10-09 17:15:20 696760 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-09-14 18:28:53 2048 —-a-w- c:\windows\system32\tzres.dll
    2012-09-03 08:27:00 93672 —-a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-09-03 08:26:58 821736 —-a-w- c:\windows\system32
    pdeployJava1.dll
    2012-09-03 08:26:58 746984 —-a-w- c:\windows\system32\deployJava1.dll
    2012-08-31 17:18:09 1211760 —-a-w- c:\windows\system32\drivers
    tfs.sys
    2012-08-30 20:03:50 99272 —-a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2012-08-30 20:03:50 193552 —-a-w- c:\windows\system32\drivers\MpFilter.sys
    2012-08-30 17:12:02 3968880 —-a-w- c:\windows\system32
    tkrnlpa.exe
    2012-08-30 17:12:02 3914096 —-a-w- c:\windows\system32
    toskrnl.exe
    2012-08-24 16:57:48 172544 —-a-w- c:\windows\system32\wintrust.dll
    2012-08-20 17:40:31 169984 —-a-w- c:\windows\system32\winsrv.dll
    2012-08-20 17:40:01 293376 —-a-w- c:\windows\system32\KernelBase.dll
    2012-08-20 17:37:58 271360 —-a-w- c:\windows\system32\conhost.exe
    2012-08-20 15:33:28 6144 —ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2012-08-20 15:33:28 4608 —ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2012-08-20 15:33:28 3584 —ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2012-08-20 15:33:28 3072 —ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-08-10 23:56:14 542208 —-a-w- c:\windows\system32\kerberos.dll
    2012-07-18 17:47:53 2345984 —-a-w- c:\windows\system32\win32k.sys
    .
    ============= FINISH: 14:20:50,09 ===============
























  • We gaan naar de volgende stap:

    [b:452949fb6a]Welk programma[/b:452949fb6a]:
  • Geachte Abraham54,

    Hierbij de log ComboFix.

    ComboFix 12-10-12.01 - Boudewijn 12-10-2012 15:51:47.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.2281 [GMT 2:00]
    Gestart vanuit: c:\users\Boudewijn\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\proscan
    c:\program files\TelevisionFanaticEI
    c:\program files\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll
    c:\program files\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll
    c:\program files\TelevisionFanaticEI\Installr\1.bin\NP64EISb.dll
    D:\setup.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-09-12 to 2012-10-12 ))))))))))))))))))))))))))))))
    .
    .
    2012-10-12 12:24 . 2012-08-30 08:17 6980552 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4556F536-B8E8-4156-A13F-6CC535A83D19}\mpengine.dll
    2012-10-10 09:52 . 2012-08-30 08:17 6980552 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-10-08 12:21 . 2012-10-08 12:48 ——– d—–w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
    2012-10-08 11:38 . 2012-10-08 12:48 ——– d—–w- C:\sh4ldr
    2012-10-03 10:27 . 2012-08-21 20:12 245760 —-a-w- c:\windows\system32\OxpsConverter.exe
    2012-10-03 09:09 . 2012-10-03 09:09 ——– d—–w- c:\users\Boudewijn\AppData\Roaming\Malwarebytes
    2012-10-03 09:09 . 2012-10-03 09:09 ——– d—–w- c:\programdata\Malwarebytes
    2012-10-03 09:09 . 2012-10-06 07:45 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2012-09-22 09:28 . 2012-08-24 07:34 140936 —-a-w- c:\program files\Internet Explorer\sqmapi.dll
    2012-09-22 09:28 . 2012-08-24 06:43 2382848 —-a-w- c:\windows\system32\mshtml.tlb
    2012-09-22 09:28 . 2012-08-24 06:48 194048 —-a-w- c:\program files\Internet Explorer\IEShims.dll
    2012-09-22 09:28 . 2012-08-24 06:47 420864 —-a-w- c:\windows\system32\vbscript.dll
    2012-09-22 09:28 . 2012-08-24 06:47 142848 —-a-w- c:\windows\system32\ieUnatt.exe
    2012-09-22 09:28 . 2012-08-24 06:51 1129472 —-a-w- c:\windows\system32\wininet.dll
    2012-09-22 09:28 . 2012-08-24 06:49 194560 —-a-w- c:\program files\Internet Explorer\ieproxy.dll
    2012-09-22 09:27 . 2012-08-24 07:34 748680 —-a-w- c:\program files\Internet Explorer\iexplore.exe
    2012-09-22 09:27 . 2012-08-24 06:59 1800704 —-a-w- c:\windows\system32\jscript9.dll
    2012-09-22 09:27 . 2012-08-24 06:53 678912 —-a-w- c:\program files\Internet Explorer\iedvtool.dll
    2012-09-22 09:27 . 2012-08-24 06:52 387584 —-a-w- c:\program files\Internet Explorer\jsdbgui.dll
    2012-09-22 09:27 . 2012-08-24 06:51 1427968 —-a-w- c:\windows\system32\inetcpl.cpl
    2012-09-12 14:04 . 2012-08-22 17:16 712048 —-a-w- c:\windows\system32\drivers
    dis.sys
    2012-09-12 14:04 . 2012-07-04 19:45 33280 —-a-w- c:\windows\system32\drivers\RNDISMP.sys
    2012-09-12 14:04 . 2012-08-22 17:16 1292144 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-09-12 14:04 . 2012-08-22 17:16 240496 —-a-w- c:\windows\system32\drivers
    etio.sys
    2012-09-12 14:04 . 2012-08-22 17:16 187760 —-a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-09-12 14:04 . 2012-08-02 16:57 490496 —-a-w- c:\windows\system32\d3d10level9.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-09 17:15 . 2012-03-29 09:12 696760 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-10-09 17:15 . 2011-05-20 10:29 73656 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-09-03 08:27 . 2012-09-03 08:27 93672 —-a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-09-03 08:26 . 2012-06-18 13:22 821736 —-a-w- c:\windows\system32
    pdeployJava1.dll
    2012-09-03 08:26 . 2011-04-03 17:37 746984 —-a-w- c:\windows\system32\deployJava1.dll
    2012-08-30 20:03 . 2012-08-30 20:03 193552 —-a-w- c:\windows\system32\drivers\MpFilter.sys
    2012-08-30 20:03 . 2010-10-24 19:25 99272 —-a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2012-07-18 17:47 . 2012-08-16 07:56 2345984 —-a-w- c:\windows\system32\win32k.sys
    2011-09-09 19:21 . 2011-08-20 19:02 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{d28c7e56-2cc6-415c-8727-d71334085926}"= "mscoree.dll" [2010-11-05 297808]
    .
    [HKEY_CLASSES_ROOT\clsid\{d28c7e56-2cc6-415c-8727-d71334085926}]
    [HKEY_CLASSES_ROOT\IEToolbar.Toolbar]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2565520]
    "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2011-04-02 238960]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 0 (0x0)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "IncrediMail"=c:\program files\IncrediMail\bin\IncMail.exe /c
    "DriverScanner"="c:\progra~1\Uniblue\DRIVER~1\launcher.exe" delay 20000
    "Xvid"=c:\program files\Xvid\CheckUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    "Acronis Scheduler2Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe"
    "CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
    "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe"
    "USBToolTip"=c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
    "SAOB Monitor"=c:\program files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
    "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe"
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "BDRegion"=c:\program files\Cyberlink\Shared files\brs.exe
    "Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe
    "NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
    "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
    "CanonSolutionMenuEx"=c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    .
    R2 DiscountfinderService;DiscountfinderService;c:\programdata\MoneyMiljonair+\DFService.exe [x]
    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
    R3 ALSysIO;ALSysIO;c:\users\BOUDEW~1\AppData\Local\Temp\ALSysIO.sys [x]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x]
    R3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 uxddrv;Dynamically loaded UxdDrv;D:\uxddrv86.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
    S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
    S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/04/03 12:03];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
    S2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x]
    S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
    S3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS
    etr28u.sys [x]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-06-17 10:11 451872 —-a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 17:15]
    .
    2011-12-09 c:\windows\Tasks\DriverScanner.job
    - c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2011-12-08 13:43]
    .
    2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-01 15:53]
    .
    2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-04-01 15:53]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.com/ig
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.2.1
    DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://217.123.26.196/activex/AMC.cab
    FF - ProfilePath - c:\users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{0734d757-fea6-4637-a7e4-2bd40a7fd8da} - (no file)
    URLSearchHooks-{37e17185-b07a-47b3-bd86-c675e4e4b89a} - (no file)
    WebBrowser-{0734D757-FEA6-4637-A7E4-2BD40A7FD8DA} - (no file)
    WebBrowser-{37E17185-B07A-47B3-BD86-C675E4E4B89A} - (no file)
    ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
    "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-2409496061-4137906875-955605994-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-10-12 16:06:00
    ComboFix-quarantined-files.txt 2012-10-12 14:05
    .
    Pre-Run: 816.113.950.720 bytes beschikbaar
    Post-Run: 827.918.303.232 bytes beschikbaar
    .
    - - End Of File - - BDFE9A89E154FF8771FBF894BF9E92FB



  • Geachte Abraham54,

    Ik heb geen popups meer, De computer draait super.

    Ik wil u heel hartelijk danken voor uw hulp om dit probleem op te lossen

    SUPER bedankt.

    Boudewijn
  • Hallo Boudewijn, klaar zijn we nog niet, want er zit een nog erg vieze toolbar in IE en verder zit er ook nog een virusbestand in Windows.

    Daarom nu het volgende:

    [b:545555c43f]Welk programma[/b:545555c43f]:
  • Goedenmorgen Abraham54,

    Fijn dat u mij wil helpen om ook het restant op te ruimen.

    OTL logfile created on: 13-10-2012 11:56:05 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Boudewijn\Desktop
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,25 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 72,16% Memory free
    6,49 Gb Paging File | 5,57 Gb Available in Paging File | 85,81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 911,51 Gb Total Space | 770,64 Gb Free Space | 84,55% Space Free | Partition Type: NTFS
    Drive D: | 931,51 Gb Total Space | 318,71 Gb Free Space | 34,21% Space Free | Partition Type: NTFS
    Drive E: | 20,00 Gb Total Space | 19,51 Gb Free Space | 97,52% Space Free | Partition Type: NTFS

    Computer Name: BOUDEWIJN-PC | User Name: Boudewijn | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

  • Hierbij het Extras.txt

    OTL Extras logfile created on: 13-10-2012 11:56:05 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Boudewijn\Desktop
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,25 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 72,16% Memory free
    6,49 Gb Paging File | 5,57 Gb Available in Paging File | 85,81% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 911,51 Gb Total Space | 770,64 Gb Free Space | 84,55% Space Free | Partition Type: NTFS
    Drive D: | 931,51 Gb Total Space | 318,71 Gb Free Space | 34,21% Space Free | Partition Type: NTFS
    Drive E: | 20,00 Gb Total Space | 19,51 Gb Free Space | 97,52% Space Free | Partition Type: NTFS

    Computer Name: BOUDEWIJN-PC | User Name: Boudewijn | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

  • [b:59a965831e]Sluit voordat
  • Geachte Abraham54,

    Hierbij de OTO-scanlog

    All processes killed
    ========== OTL ==========
    Registry key HKEY_USERS\S-1-5-21-2409496061-4137906875-955605994-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AC20671B-8013-45A8-8B9F-B3212A5DECD2}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC20671B-8013-45A8-8B9F-B3212A5DECD2}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@MoneyMillionaire/npdf\ deleted successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\plugins
    pdf.dll moved successfully.
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\discountfinder@moneymillionaire.com deleted successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\skin folder moved successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\plugins folder moved successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\defaults folder moved successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\components folder moved successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\chrome\content folder moved successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\chrome folder moved successfully.
    C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552 folder moved successfully.
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components deleted successfully.
    C:\Program Files\Mozilla Firefox\components folder moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========

  • Is jouw PC inderdaad opnieuw opgestart en hoe gaat het nu?
  • Geachte Abraham54,

    Ik krijg een bericht dat Windows niet als legitiem kan worden gevalideerd,
    Dit is een bericht van Microsoft Security Essentials.
    Als u Security Essentials wilt blijven gebruiken, klikt u op Het probleem online oplossen en maakt u Windows legitiem.
    Ik heb een Windows versie van een ROC.
  • Een Windows van het ROC????

    Sinds wanneer kan je via het ROC dan Windows kopen of gaat dat dan via een MSDN site?
  • Geachte Abraham54,

    De zoon van een vriend heeft de oem versie van de ROC aan mij gegeven al een 2 jaar terug en die werkte perfect tot nu toe.

    Groet Boudewijn
  • En heb je daar ook de bijbehorende licentie bij gekregen?
  • Helaas is de code zoekgeraakt, is het een oplossing om de backup van afgelopen zondag terug te zetten?

    Sorry voor de problemen, het ging zo super.

    Groet Boudewijn
  • Weet u of het mogelijk is om op de dvd in een map of iets dergelijks de code te achterhalen is

    Groet Boudewijn
  • Kijk hier maar: http://www.magicaljellybean.com/keyfinder/

    Gewoon de gratis versie nemen!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.