Question & Answer
HyperText Transfer Protocol
- Hello,
Who can help me get rid of very annoying pop-ups while browsing?
content.yieldmanager.edgesuite.net/atoms
ellebo868
- Let's take a look:
- Dear Abraham54,
Here is the log file; I hope I did it right, I am not very handy with the computer.
# AdwCleaner v2.004 - Verslag gemaakt op 12/10/2012 om 13:50:39
# Geactualiseerd op 06/10/2012 door Xplode
# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Gebruiker : Boudewijn - BOUDEWIJN-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Boudewijn\Desktop\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
File Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\searchplugins\Conduit.xml
Map Verwijdert : C:\Program Files\Bandoo
Map Verwijdert : C:\Program Files\Conduit
Map Verwijdert : C:\Program Files\Ilivid
Map Verwijdert : C:\ProgramData\Babylon
Map Verwijdert : C:\Users\BOUDEW~1\AppData\Local\Temp\CT2481029
Map Verwijdert : C:\Users\Boudewijn\AppData\Local\Babylon
Map Verwijdert : C:\Users\Boudewijn\AppData\Local\Conduit
Map Verwijdert : C:\Users\Boudewijn\AppData\Local\Ilivid Player
Map Verwijdert : C:\Users\Boudewijn\AppData\LocalLow\Bandoo
Map Verwijdert : C:\Users\Boudewijn\AppData\LocalLow\Conduit
Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Babylon
Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Bandoo
Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\ConduitCommon
Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\CT2481029
Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\extensions\{0734d757-fea6-4637-a7e4-2bd40a7fd8da}
Map Verwijdert : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\extensions\ffxtlbr@babylon.com
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijdert : HKCU\Software\ilivid
Sleutel Verwijdert : HKCU\Software\IM
Sleutel Verwijdert : HKCU\Software\ImInstaller
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Verwijdert : HKCU\Software\Softonic
Sleutel Verwijdert : HKLM\Software\Babylon
Sleutel Verwijdert : HKLM\Software\Bandoo
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2481029
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3242338
Sleutel Verwijdert : HKLM\Software\Conduit
Sleutel Verwijdert : HKLM\Software\Freeze.com
Sleutel Verwijdert : HKLM\Software\ImInstaller
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
***** [Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v6.0.2 (nl)
Profielnaam : default
File : C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\prefs.js
C:\Users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\user.js … Verwijdert !
Verwijdert : user_pref("CT2481029..clientLogIsEnabled", false);
Verwijdert : user_pref("CT2481029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[…]
Verwijdert : user_pref("CT2481029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[…]
Verwijdert : user_pref("CT2481029.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Verwijdert : user_pref("CT2481029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx";
Verwijdert : user_pref("CT2481029.BrowserCompStateIsOpen_129469764804250079", true);
Verwijdert : user_pref("CT2481029.BrowserCompStateIsOpen_129781026659396735", true);
Verwijdert : user_pref("CT2481029.CTID", "CT2481029";
Verwijdert : user_pref("CT2481029.CurrentServerDate", "21-4-2012";
Verwijdert : user_pref("CT2481029.DSInstall", true);
Verwijdert : user_pref("CT2481029.DialogsAlignMode", "LTR";
Verwijdert : user_pref("CT2481029.DialogsGetterLastCheckTime", "Sat Apr 21 2012 14:24:03 GMT+0200";
Verwijdert : user_pref("CT2481029.DownloadReferralCookieData", "";
Verwijdert : user_pref("CT2481029.FirstServerDate", "21-4-2012";
Verwijdert : user_pref("CT2481029.FirstTime", true);
Verwijdert : user_pref("CT2481029.FirstTimeFF3", true);
Verwijdert : user_pref("CT2481029.FixPageNotFoundErrors", true);
Verwijdert : user_pref("CT2481029.GroupingServerCheckInterval", 1440);
Verwijdert : user_pref("CT2481029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/";
Verwijdert : user_pref("CT2481029.HPInstall", true);
Verwijdert : user_pref("CT2481029.HasUserGlobalKeys", true);
Verwijdert : user_pref("CT2481029.HomePageProtectorEnabled", true);
Verwijdert : user_pref("CT2481029.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2481029&SearchSource=[…]
Verwijdert : user_pref("CT2481029.Initialize", true);
Verwijdert : user_pref("CT2481029.InitializeCommonPrefs", true);
Verwijdert : user_pref("CT2481029.InstallationAndCookieDataSentCount", 1);
Verwijdert : user_pref("CT2481029.InstallationId", "ConduitNSISIntegration";
Verwijdert : user_pref("CT2481029.InstallationType", "ConduitXPEIntegration";
Verwijdert : user_pref("CT2481029.InstalledDate", "Sat Apr 21 2012 14:24:04 GMT+0200";
Verwijdert : user_pref("CT2481029.InvalidateCache", false);
Verwijdert : user_pref("CT2481029.IsGrouping", false);
Verwijdert : user_pref("CT2481029.IsInitSetupIni", true);
Verwijdert : user_pref("CT2481029.IsMulticommunity", false);
Verwijdert : user_pref("CT2481029.IsOpenThankYouPage", false);
Verwijdert : user_pref("CT2481029.IsOpenUninstallPage", false);
Verwijdert : user_pref("CT2481029.IsProtectorsInit", true);
Verwijdert : user_pref("CT2481029.LanguagePackLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";
Verwijdert : user_pref("CT2481029.LanguagePackReloadIntervalMM", 1440);
Verwijdert : user_pref("CT2481029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[…]
Verwijdert : user_pref("CT2481029.LastLogin_3.10.0.1", "Sat Apr 21 2012 14:24:07 GMT+0200";
Verwijdert : user_pref("CT2481029.LatestVersion", "3.12.0.7";
Verwijdert : user_pref("CT2481029.Locale", "nl";
Verwijdert : user_pref("CT2481029.MCDetectTooltipHeight", "83";
Verwijdert : user_pref("CT2481029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1";
Verwijdert : user_pref("CT2481029.MCDetectTooltipWidth", "295";
Verwijdert : user_pref("CT2481029.MyStuffEnabledAtInstallation", true);
Verwijdert : user_pref("CT2481029.OriginalFirstVersion", "3.10.0.1";
Verwijdert : user_pref("CT2481029.RadioIsPodcast", false);
Verwijdert : user_pref("CT2481029.RadioLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";
Verwijdert : user_pref("CT2481029.RadioLastUpdateIPServer", "3";
Verwijdert : user_pref("CT2481029.RadioLastUpdateServer", "3";
Verwijdert : user_pref("CT2481029.RadioMediaID", "9962";
Verwijdert : user_pref("CT2481029.RadioMediaType", "Media Player";
Verwijdert : user_pref("CT2481029.RadioMenuSelectedID", "EBRadioMenu_CT24810299962";
Verwijdert : user_pref("CT2481029.RadioShrinkedFromSetup", false);
Verwijdert : user_pref("CT2481029.RadioStationName", "California%20Rock";
Verwijdert : user_pref("CT2481029.RadioStationURL", "hxxp://feedlive.net/california.asx";
Verwijdert : user_pref("CT2481029.SavedHomepage", "hxxp://www.google.nl/ig?rls=ig&hl=nl&source=iglk|hxxp://www.go[…]
Verwijdert : user_pref("CT2481029.SearchCaption", "Ashampoo NL Customized Web Search";
Verwijdert : user_pref("CT2481029.SearchEngineBeforeUnload", "Ashampoo NL Customized Web Search";
Verwijdert : user_pref("CT2481029.SearchFromAddressBarIsInit", true);
Verwijdert : user_pref("CT2481029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[…]
Verwijdert : user_pref("CT2481029.SearchInNewTabEnabled", true);
Verwijdert : user_pref("CT2481029.SearchInNewTabIntervalMM", 1440);
Verwijdert : user_pref("CT2481029.SearchInNewTabLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";
Verwijdert : user_pref("CT2481029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[…]
Verwijdert : user_pref("CT2481029.SearchProtectorEnabled", true);
Verwijdert : user_pref("CT2481029.SearchProtectorToolbarDisabled", false);
Verwijdert : user_pref("CT2481029.SendProtectorDataViaLogin", true);
Verwijdert : user_pref("CT2481029.ServiceMapLastCheckTime", "Sat Apr 21 2012 14:24:02 GMT+0200";
Verwijdert : user_pref("CT2481029.SettingsLastCheckTime", "Sat Apr 21 2012 14:24:02 GMT+0200";
Verwijdert : user_pref("CT2481029.SettingsLastUpdate", "1334747269";
Verwijdert : user_pref("CT2481029.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2481029&SearchSource=13";
Verwijdert : user_pref("CT2481029.ThirdPartyComponentsInterval", 504);
Verwijdert : user_pref("CT2481029.ThirdPartyComponentsLastCheck", "Sat Apr 21 2012 14:24:02 GMT+0200";
Verwijdert : user_pref("CT2481029.ThirdPartyComponentsLastUpdate", "1256026239";
Verwijdert : user_pref("CT2481029.ToolbarShrinkedFromSetup", false);
Verwijdert : user_pref("CT2481029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481029";
Verwijdert : user_pref("CT2481029.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[…]
Verwijdert : user_pref("CT2481029.UserID", "UN46285832918607843";
Verwijdert : user_pref("CT2481029.alertChannelId", "874435";
Verwijdert : user_pref("CT2481029.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[…]
Verwijdert : user_pref("CT2481029.globalFirstTimeInfoLastCheckTime", "Sat Apr 21 2012 14:24:03 GMT+0200";
Verwijdert : user_pref("CT2481029.homepageProtectorEnableByLogin", true);
Verwijdert : user_pref("CT2481029.initDone", true);
Verwijdert : user_pref("CT2481029.isAppTrackingManagerOn", true);
Verwijdert : user_pref("CT2481029.isFirstRadioInstallation", false);
Verwijdert : user_pref("CT2481029.myStuffEnabled", true);
Verwijdert : user_pref("CT2481029.myStuffPublihserMinWidth", 400);
Verwijdert : user_pref("CT2481029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[…]
Verwijdert : user_pref("CT2481029.myStuffServiceIntervalMM", 1440);
Verwijdert : user_pref("CT2481029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[…]
Verwijdert : user_pref("CT2481029.navigateToUrlOnSearch", false);
Verwijdert : user_pref("CT2481029.revertSettingsEnabled", true);
Verwijdert : user_pref("CT2481029.searchProtectorDialogDelayInSec", 10);
Verwijdert : user_pref("CT2481029.searchProtectorEnableByLogin", true);
Verwijdert : user_pref("CT2481029.testingCtid", "";
Verwijdert : user_pref("CT2481029.toolbarAppMetaDataLastCheckTime", "Sat Apr 21 2012 14:24:03 GMT+0200";
Verwijdert : user_pref("CT2481029.toolbarContextMenuLastCheckTime", "Sat Apr 21 2012 14:24:07 GMT+0200";
Verwijdert : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481029&Search[…]
Verwijdert : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo NL Customized Web Search";
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2481029/CT2481029[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481029", […]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481029",[…]
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=nl", "\"d8c[…]
Verwijdert : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Boudewijn\\AppData\\Roaming\\Mozill[…]
Verwijdert : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1";
Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?babsrc=adbart[…]
Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2481029";
Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2481029";
Verwijdert : user_pref("CommunityToolbar.ToolbarsList4", "CT2481029";
Verwijdert : user_pref("CommunityToolbar.globalUserId", "6be9f1a4-43f5-4cac-8ad9-ed5416dd64fd";
Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Verwijdert : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2481029";
Verwijdert : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Apr 21 2012 14:24:0[…]
Verwijdert : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com";
Verwijdert : user_pref("CommunityToolbar.notifications.locale", "en";
Verwijdert : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Verwijdert : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Apr 21 2012 14:24:02 GMT+0200";
Verwijdert : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611";
Verwijdert : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Verwijdert : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com";
Verwijdert : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Verwijdert : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Verwijdert : user_pref("CommunityToolbar.notifications.userId", "13c86405-556c-41de-9440-511104296327";
Verwijdert : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.nl/ig?rls=ig&hl=nl&source=iglk|htt[…]
Verwijdert : user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)";
Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com";
Verwijdert : user_pref("browser.search.defaultenginename", "Search the web (Babylon)";
Verwijdert : user_pref("browser.search.defaultthis.engineName", "Ashampoo NL Customized Web Search";
Verwijdert : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481029&Sea[…]
Verwijdert : user_pref("browser.search.order.1", "Search the web (Babylon)";
Verwijdert : user_pref("browser.search.selectedEngine", "Ashampoo NL Customized Web Search";
Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2481029&SearchSource=13";
Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "orgnl";
Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 21);
Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "nl";
Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 21);
Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "";
Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0";
Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb";
Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 73571048);
Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "free";
Verwijdert : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.1.9,{0734d757-fea6-4637-a7e4-2bd40a7fd8[…]
Verwijdert : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=adbartrp&affID=19764&mntrId=e8bbb17c0000[…]
*************************
AdwCleaner[S1].txt - [21771 octets] - [12/10/2012 13:50:39]
- Hello Abraham54,
Here is the second log.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Boudewijn at 14:19:44 on 2012-10-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.2388 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HiYo\Bin\HiYo.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEToolbar.BHO: {1d970ed5-3eda-438d-bffd-715931e2775b} - mscoree.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: MoneyMillionaire Toolbar: {d28c7e56-2cc6-415c-8727-d71334085926} - mscoree.dll
TB: {0734D757-FEA6-4637-A7E4-2BD40A7FD8DA} - No File
TB: {37E17185-B07A-47B3-BD86-C675E4E4B89A} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [Hiyo] c:\program files\hiyo\bin\HiYo.exe /RunFromStartup
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} - hxxp://www.smartphoto.nl/ExtraFilmUploader6.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://217.123.26.196/activex/AMC.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6DD001BA-A2A1-4F28-A144-A537AC82A278} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6DD001BA-A2A1-4F28-A144-A537AC82A278}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6DD001BA-A2A1-4F28-A144-A537AC82A278}\2656C6B696E6E233636683 : DhcpNameServer = 192.168.2.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - SABShellExecuteHook Class
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 74.55.76.230 www.google-analytics.com.
Hosts: 74.55.76.230 ad-emea.doubleclick.net.
Hosts: 74.55.76.230 www.statcounter.com.
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\boudewijn\appdata\roaming\mozilla\firefox\profiles\mapr5jej.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\televisionfanaticei\installr\1.bin\NP64EISb.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\moneymiljonair+\ffextension20120109162552\plugins\npdf.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2011-11-7 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2011-11-7 12464]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2011-4-2 752128]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/04/03 12:03:40];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-6-28 87536]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2011-4-2 3246040]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-6 399432]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-9-23 641832]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-8-2 2214504]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-5-7 1051976]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2011-4-2 167968]
R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\drivers\netr28u.sys [2009-6-10 657408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DiscountfinderService;DiscountfinderService;"c:\programdata\moneymiljonair+\dfservice.exe" --> c:\programdata\moneymiljonair+\DFService.exe [?]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-1 136176]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-10-6 676936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-29 250808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-1 136176]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-10-6 22856]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]
S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-4-6 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-6 52224]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2011-4-2 1343400]
.
=============== Created Last 30 ================
.
2012-10-12 11:42:23 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d50f3960-3670-4e0c-8bb2-eee8c7c97aae}\mpengine.dll
2012-10-12 08:44:20 -------- d-----w- c:\users\boudewijn\appdata\local\{3FC853AB-3F31-4093-901A-C3D2CEA7B04E}
2012-10-11 08:43:39 -------- d-----w- c:\users\boudewijn\appdata\local\{0B1D49E1-BAF7-4ABA-A452-C3A0B859E395}
2012-10-10 09:52:58 6980552 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-10-10 09:41:32 -------- d-----w- c:\users\boudewijn\appdata\local\{009F50AE-C443-4CB1-8A77-BE31E5117A52}
2012-10-09 20:13:34 -------- d-----w- c:\users\boudewijn\appdata\local\{EDF85E04-1F41-45BD-9ACB-9C5091D83B95}
2012-10-09 08:12:54 -------- d-----w- c:\users\boudewijn\appdata\local\{89DED982-CAA0-4929-B621-4CF77C42D972}
2012-10-08 12:21:50 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
2012-10-08 11:38:07 -------- d-----w- C:\sh4ldr
2012-10-08 11:36:28 -------- d-----w- c:\windows\9E897D0FF80441A3966C7BB6EB5B6BE8.TMP
2012-10-08 09:37:52 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2012-10-08 08:55:05 -------- d-----w- c:\users\boudewijn\appdata\local\{A6AC49AA-520F-47FD-81F0-0E460A1D7D8F}
2012-10-07 20:54:07 -------- d-----w- c:\users\boudewijn\appdata\local\{49EF52E3-3891-49FA-B4FD-B67B7546017E}
2012-10-07 08:53:27 -------- d-----w- c:\users\boudewijn\appdata\local\{0BAC3B99-AF0F-45D5-8160-91763162AE94}
2012-10-06 19:28:42 -------- d-----w- c:\users\boudewijn\appdata\local\{C9462574-E9C2-4F94-927C-8033C1F630B7}
2012-10-06 07:45:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-06 07:27:39 -------- d-----w- c:\users\boudewijn\appdata\local\{1C343966-CDFB-4DB0-AFCA-A10226634643}
2012-10-05 08:21:26 740784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9a48f5a1-5adb-4e1f-911b-a3c37625b00a}\gapaengine.dll
2012-10-05 08:10:33 -------- d-----w- c:\users\boudewijn\appdata\local\{F7AE42F0-B6CF-44B5-A586-66025F26E3AB}
2012-10-04 14:32:24 -------- d-----w- c:\program files\Enigma Software Group
2012-10-04 14:31:36 -------- d-----w- c:\windows\ADAFC0B4FC1545D9BAB3BC7A8829D0C4.TMP
2012-10-04 14:31:35 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-10-04 09:16:35 -------- d-----w- c:\users\boudewijn\appdata\local\{AF82FDB3-CF68-45E6-B1A9-5EEAC629FC33}
2012-10-03 10:27:41 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-10-03 10:19:48 -------- d-----w- c:\users\boudewijn\appdata\local\{C417E9C7-EDE8-409F-8583-F55677BF5C69}
2012-10-03 09:09:46 -------- d-----w- c:\users\boudewijn\appdata\roaming\Malwarebytes
2012-10-03 09:09:07 -------- d-----w- c:\programdata\Malwarebytes
2012-10-03 09:09:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-03 08:17:16 -------- d-----w- c:\users\boudewijn\appdata\local\{43F1FDF3-8BEE-4B92-AD9B-C06B2DEA8795}
2012-10-02 08:21:43 -------- d-----w- c:\users\boudewijn\appdata\local\{F656761B-3638-45D4-A6BD-CC8F3C7AFB00}
2012-10-01 06:52:24 -------- d-----w- c:\users\boudewijn\appdata\local\{639C6314-0231-405E-A10D-1022403795D7}
2012-09-30 09:53:47 -------- d-----w- c:\users\boudewijn\appdata\local\{829A365A-788D-419F-9CE8-2A709E2BCED2}
2012-09-29 08:04:25 -------- d-----w- c:\users\boudewijn\appdata\local\{1230524C-1557-4CB5-B19E-8141C8DF61BD}
2012-09-28 07:55:30 -------- d-----w- c:\users\boudewijn\appdata\local\{04BCF117-5DF6-416D-9E1E-2C4D4EFC8901}
2012-09-27 07:55:52 -------- d-----w- c:\users\boudewijn\appdata\local\{F043416B-D73E-4A36-A034-50088F503370}
2012-09-26 18:14:47 -------- d-----w- c:\users\boudewijn\appdata\local\{47D0A7FC-56F4-472C-9765-202CE6CE0E99}
2012-09-26 11:40:32 -------- d-----w- c:\users\boudewijn\appdata\local\{60A00B70-42E4-4EAE-8648-46AA52384C60}
2012-09-25 11:19:24 -------- d-----w- c:\users\boudewijn\appdata\local\{DCAD03A4-8602-4B1D-91A2-9CC6EEFD84F6}
2012-09-24 19:26:10 -------- d-----w- c:\users\boudewijn\appdata\local\{7B6CD00F-451E-4EAE-A8FA-41C4265EBC90}
2012-09-24 07:25:30 -------- d-----w- c:\users\boudewijn\appdata\local\{17340331-40C1-4A30-84D4-3C2A86ED3CDD}
2012-09-23 08:42:30 -------- d-----w- c:\users\boudewijn\appdata\local\{26CB1B12-C053-4F06-8983-9FE2F8FAFB6C}
2012-09-22 09:28:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-22 09:28:03 140936 ----a-w- c:\program files\internet explorer\sqmapi.dll
2012-09-22 09:28:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-09-22 09:28:02 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2012-09-22 09:28:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-09-22 09:28:00 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2012-09-22 09:28:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-09-22 09:27:59 748680 ----a-w- c:\program files\internet explorer\iexplore.exe
2012-09-22 09:27:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-09-22 09:27:58 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2012-09-22 09:27:58 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2012-09-22 09:27:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-09-22 09:05:21 -------- d-----w- c:\users\boudewijn\appdata\local\{80AE856B-21F7-44A0-BB36-3B30BC346FB3}
2012-09-21 07:52:43 -------- d-----w- c:\users\boudewijn\appdata\local\{8964A724-75A8-4220-8EB6-437076946016}
2012-09-20 08:22:53 -------- d-----w- c:\users\boudewijn\appdata\local\{9E67F89D-01FC-44A8-8D73-3894D4D6E4E6}
2012-09-19 09:57:40 -------- d-----w- c:\users\boudewijn\appdata\local\{320FC38A-0A34-4C77-9C13-15BD6C28B6BD}
2012-09-18 09:13:26 -------- d-----w- c:\users\boudewijn\appdata\local\{88204BC5-12A5-4F86-B5EA-4CC6F009DE8A}
2012-09-17 08:18:56 -------- d-----w- c:\users\boudewijn\appdata\local\{EF6FBC17-7AE2-47B4-BF29-F3A32DC25C84}
2012-09-16 08:39:27 -------- d-----w- c:\users\boudewijn\appdata\local\{F510A86D-7421-4FA8-80B3-7C853FD69722}
2012-09-15 09:35:39 -------- d-----w- c:\users\boudewijn\appdata\local\{63ABDCEE-D8B1-4BB1-8AD1-EB4A0A61F2D0}
2012-09-14 07:38:31 -------- d-----w- c:\users\boudewijn\appdata\local\{139CAE2C-4445-475F-9427-6B23112472CA}
2012-09-13 09:08:31 -------- d-----w- c:\users\boudewijn\appdata\local\{48E5FE15-EE75-4515-A0EF-5C66973D5918}
2012-09-12 14:04:40 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 14:04:40 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 14:04:39 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 14:04:39 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 14:04:39 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 14:04:38 490496 ----a-w- c:\windows\system32\d3d10level9.dll
.
==================== Find3M ====================
.
2012-10-09 17:15:20 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 17:15:20 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-03 08:27:00 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-03 08:26:58 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-03 08:26:58 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-31 17:18:09 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 20:03:50 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 20:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 17:12:02 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 16:57:48 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-10 23:56:14 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 14:20:50,09 ===============
- We're moving on to the next step:
Which program:
- Dear Abraham54,
Here is the ComboFix log.
ComboFix 12-10-12.01 - Boudewijn 12-10-2012 15:51:47.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.2281 [GMT 2:00]
Gestart vanuit: c:\users\Boudewijn\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\proscan
c:\program files\TelevisionFanaticEI
c:\program files\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll
c:\program files\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll
c:\program files\TelevisionFanaticEI\Installr\1.bin\NP64EISb.dll
D:\setup.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-12 to 2012-10-12 ))))))))))))))))))))))))))))))
.
.
2012-10-12 12:24 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4556F536-B8E8-4156-A13F-6CC535A83D19}\mpengine.dll
2012-10-10 09:52 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-08 12:21 . 2012-10-08 12:48 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP
2012-10-08 11:38 . 2012-10-08 12:48 -------- d-----w- C:\sh4ldr
2012-10-03 10:27 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-10-03 09:09 . 2012-10-03 09:09 -------- d-----w- c:\users\Boudewijn\AppData\Roaming\Malwarebytes
2012-10-03 09:09 . 2012-10-03 09:09 -------- d-----w- c:\programdata\Malwarebytes
2012-10-03 09:09 . 2012-10-06 07:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-22 09:28 . 2012-08-24 07:34 140936 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-09-22 09:28 . 2012-08-24 06:43 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-22 09:28 . 2012-08-24 06:48 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-09-22 09:28 . 2012-08-24 06:47 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-09-22 09:28 . 2012-08-24 06:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-09-22 09:28 . 2012-08-24 06:51 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-09-22 09:28 . 2012-08-24 06:49 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2012-09-22 09:27 . 2012-08-24 07:34 748680 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-09-22 09:27 . 2012-08-24 06:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-09-22 09:27 . 2012-08-24 06:53 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-09-22 09:27 . 2012-08-24 06:52 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-09-22 09:27 . 2012-08-24 06:51 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-09-12 14:04 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 14:04 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 14:04 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 14:04 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 14:04 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 14:04 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 17:15 . 2012-03-29 09:12 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 17:15 . 2011-05-20 10:29 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-03 08:27 . 2012-09-03 08:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-03 08:26 . 2012-06-18 13:22 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-03 08:26 . 2011-04-03 17:37 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2010-10-24 19:25 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-07-18 17:47 . 2012-08-16 07:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2011-09-09 19:21 . 2011-08-20 19:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d28c7e56-2cc6-415c-8727-d71334085926}"= "mscoree.dll" [2010-11-05 297808]
.
[HKEY_CLASSES_ROOT\clsid\{d28c7e56-2cc6-415c-8727-d71334085926}]
[HKEY_CLASSES_ROOT\IEToolbar.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2565520]
"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2011-04-02 238960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IncrediMail"=c:\program files\IncrediMail\bin\IncMail.exe /c
"DriverScanner"="c:\progra~1\Uniblue\DRIVER~1\launcher.exe" delay 20000
"Xvid"=c:\program files\Xvid\CheckUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"Acronis Scheduler2Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe"
"USBToolTip"=c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
"SAOB Monitor"=c:\program files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BDRegion"=c:\program files\Cyberlink\Shared files\brs.exe
"Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe
"NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"CanonSolutionMenuEx"=c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 DiscountfinderService;DiscountfinderService;c:\programdata\MoneyMiljonair+\DFService.exe [x]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 ALSysIO;ALSysIO;c:\users\BOUDEW~1\AppData\Local\Temp\ALSysIO.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\NPF.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 uxddrv;Dynamically loaded UxdDrv;D:\uxddrv86.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/04/03 12:03];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup-service ;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 17:15]
.
2011-12-09 c:\windows\Tasks\DriverScanner.job
- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2011-12-08 13:43]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-01 15:53]
.
2012-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-01 15:53]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.com/ig
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://217.123.26.196/activex/AMC.cab
FF - ProfilePath - c:\users\Boudewijn\AppData\Roaming\Mozilla\Firefox\Profiles\mapr5jej.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{0734d757-fea6-4637-a7e4-2bd40a7fd8da} - (no file)
URLSearchHooks-{37e17185-b07a-47b3-bd86-c675e4e4b89a} - (no file)
WebBrowser-{0734D757-FEA6-4637-A7E4-2BD40A7FD8DA} - (no file)
WebBrowser-{37E17185-B07A-47B3-BD86-C675E4E4B89A} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2409496061-4137906875-955605994-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-10-12 16:06:00
ComboFix-quarantined-files.txt 2012-10-12 14:05
.
Pre-Run: 816.113.950.720 bytes beschikbaar
Post-Run: 827.918.303.232 bytes beschikbaar
.
- - End Of File - - BDFE9A89E154FF8771FBF894BF9E92FB
- Dear Abraham54,
I no longer get any popups. The computer runs great.
I want to thank you very much for your help in solving this problem.
SUPER, thank you.
Boudewijn
- Hello Boudewijn, we're not done yet, because there is still a very nasty toolbar in IE and there is also still a virus file in Windows.
So now the following:
Which program:
- Good morning Abraham54,
Nice that you are willing to help me clean up the remainder as well.
OTL logfile created on: 13-10-2012 11:56:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Boudewijn\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
3,25 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 72,16% Memory free
6,49 Gb Paging File | 5,57 Gb Available in Paging File | 85,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 770,64 Gb Free Space | 84,55% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 318,71 Gb Free Space | 34,21% Space Free | Partition Type: NTFS
Drive E: | 20,00 Gb Total Space | 19,51 Gb Free Space | 97,52% Space Free | Partition Type: NTFS
Computer Name: BOUDEWIJN-PC | User Name: Boudewijn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
- Here is the Extras.txt
OTL Extras logfile created on: 13-10-2012 11:56:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Boudewijn\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
3,25 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 72,16% Memory free
6,49 Gb Paging File | 5,57 Gb Available in Paging File | 85,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 770,64 Gb Free Space | 84,55% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 318,71 Gb Free Space | 34,21% Space Free | Partition Type: NTFS
Drive E: | 20,00 Gb Total Space | 19,51 Gb Free Space | 97,52% Space Free | Partition Type: NTFS
Computer Name: BOUDEWIJN-PC | User Name: Boudewijn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
- Close before
- Dear Abraham54,
Here is the OTO scan log
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2409496061-4137906875-955605994-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AC20671B-8013-45A8-8B9F-B3212A5DECD2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC20671B-8013-45A8-8B9F-B3212A5DECD2}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@MoneyMillionaire/npdf\ deleted successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\plugins\npdf.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\discountfinder@moneymillionaire.com deleted successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\skin folder moved successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\plugins folder moved successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\defaults folder moved successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\components folder moved successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\chrome\content folder moved successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552\chrome folder moved successfully.
C:\ProgramData\MoneyMiljonair+\FFExtension20120109162552 folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components deleted successfully.
C:\Program Files\Mozilla Firefox\components folder moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
- Did your PC indeed restart, and how is it going now?
- Dear Abraham54,
I get a message that Windows cannot be validated as genuine.
This is a message from Microsoft Security Essentials.
If you want to keep using Security Essentials, click Resolve the problem online and make Windows genuine.
I have a Windows version from an ROC.
- A Windows from the ROC????
Since when can you buy Windows through the ROC, or does that go through an MSDN site?
- Dear Abraham54,
The son of a friend gave me the OEM version from the ROC about 2 years ago, and it worked perfectly until now.
Regards, Boudewijn
- And did you also receive the accompanying licence with it?
- Unfortunately the code has been lost; is it a solution to restore the backup from last Sunday?
Sorry for the problems, it was going so well.
Regards, Boudewijn
- Do you know whether it is possible to recover the code from a folder or something like that on the DVD?
Regards, Boudewijn
- Have a look here: http://www.magicaljellybean.com/keyfinder/
Just take the free version!