Vraag & Antwoord

Beveiliging & privacy

coupon drop down

Anoniem
Abraham54
44 antwoorden
  • Dag

    Ik heb last van dit progje, overal waar ik een popup open wil klikken.
    Enkele tips op internet om dit op te lossen hebben gefaald: software verwijderen en combo fix draaien. Combofix gaf aan dat ik geen rechten zou hebben.

    Heeft iemand tips om dit coupon ding te verwijderen?
  • Welke webbrowsers gebruik jij?

  • Dag Awd loopt vast bij verwijderen. Hieronder de log die meteen na scannen gemaakt wordt.

    MBAM heb ik gisteravond gedraaid, uitgebreide versie. Heeft niets gevonden. ik weet zo vlug niet waar die log is opgeslagen.

    Ik gebruik Chrome





    # AdwCleaner v2.011 - Verslag gemaakt op 08/12/2012 om 16:51:33
    # Geactualiseerd op 02/12/2012 door Xplode
    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
    # Gebruiker : klaas - KLAAS-8A63BC311
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Documents and Settings\klaas\Mijn documenten\Downloads\adwcleaner.exe
    # Optie [Zoeken]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    File Aanwezig : C:\Documents and Settings\klaas\Menu Start\Programma's\iLivid.lnk
    File Aanwezig : C:\user.js
    Map Aanwezig : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
    Map Aanwezig : C:\Documents and Settings\All Users\Application Data\Browser Manager
    Map Aanwezig : C:\Documents and Settings\All Users\Application Data\Tarma Installer
    Map Aanwezig : C:\Documents and Settings\klaas\Application Data\AVG Secure Search
    Map Aanwezig : C:\Documents and Settings\klaas\Application Data\Babylon
    Map Aanwezig : C:\Documents and Settings\klaas\Application Data\Claro
    Map Aanwezig : C:\Documents and Settings\klaas\Application Data\Complitly
    Map Aanwezig : C:\Documents and Settings\klaas\Application Data\OpenCandy
    Map Aanwezig : C:\Documents and Settings\klaas\Local Settings\Application Data\AVG Secure Search
    Map Aanwezig : C:\Documents and Settings\klaas\Local Settings\Application Data\Conduit
    Map Aanwezig : C:\Documents and Settings\klaas\Local Settings\Application Data\Ilivid
    Map Aanwezig : C:\Documents and Settings\klaas\Local Settings\Application Data\Wajam
    Map Aanwezig : C:\Documents and Settings\klaas\Menu Start\Programma's\Browser Manager
    Map Aanwezig : C:\Documents and Settings\klaas\Menu Start\Programma's\Wajam
    Map Aanwezig : C:\Program Files\AVG Secure Search
    Map Aanwezig : C:\Program Files\Claro LTD
    Map Aanwezig : C:\Program Files\Common Files\AVG Secure Search
    Map Aanwezig : C:\Program Files\Complitly
    Map Aanwezig : C:\Program Files\Wajam

    ***** [Register] *****

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Aanwezig : HKCU\Software\AVG Secure Search
    Sleutel Aanwezig : HKCU\Software\Claro LTD
    Sleutel Aanwezig : HKCU\Software\Complitly
    Sleutel Aanwezig : HKCU\Software\Conduit
    Sleutel Aanwezig : HKCU\Software\ConduitSearchScopes
    Sleutel Aanwezig : HKCU\Software\DataMngr
    Sleutel Aanwezig : HKCU\Software\DataMngr_Toolbar
    Sleutel Aanwezig : HKCU\Software\ilivid
    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Aanwezig : HKCU\Software\SmartBar
    Sleutel Aanwezig : HKCU\Software\Softonic
    Sleutel Aanwezig : HKCU\Software\Wajam
    Sleutel Aanwezig : HKLM\Software\AVG Secure Search
    Sleutel Aanwezig : HKLM\Software\Babylon
    Sleutel Aanwezig : HKLM\Software\Claro LTD
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Prod.cap
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\S
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT2849859
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Sleutel Aanwezig : HKLM\Software\Conduit
    Sleutel Aanwezig : HKLM\Software\DataMngr
    Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
    Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
    Sleutel Aanwezig : HKLM\Software\Iminent
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    Sleutel Aanwezig : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Sleutel Aanwezig : HKLM\Software\Tarma Installer
    Sleutel Aanwezig : HKLM\Software\Wajam
    Sleutel Aanwezig : HKU\S-1-5-21-606747145-1677128483-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Sleutel Aanwezig : HKU\S-1-5-21-606747145-1677128483-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Aanwezig : HKU\S-1-5-21-606747145-1677128483-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Waarde Aanwezig : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
    Waarde Aanwezig : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c4000000000000002522b9e953
    [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c4000000000000002522b9e953
    [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=NT_ss&mntrId=e8f280c4000000000000002522b9e953

    -\\ Google Chrome v23.0.1271.95

    File : C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Aanwezig [l.12] : homepage = "hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c4000000000000002522b9e953",
    Aanwezig [l.52] : icon_url = "hxxp://www.claro-search.com/favicon.ico",
    Aanwezig [l.55] : keyword = "claro-search.com",
    Aanwezig [l.58] : search_url = "hxxp://www.claro-search.com/?q={searchTerms}&affID=116677&tt=4912_2&babsrc=SP_ss&mntrId=e8f280c4000000000000002522b9e953",
    Aanwezig [l.1817] : homepage = "hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c4000000000000002522b9e953",

    *************************

    AdwCleaner[R1].txt - [10799 octets] - [06/12/2012 21:51:18]
    AdwCleaner[R2].txt - [10860 octets] - [06/12/2012 21:51:59]
    AdwCleaner[R3].txt - [15796 octets] - [08/12/2012 14:28:10]
    AdwCleaner[R4].txt - [15900 octets] - [08/12/2012 16:50:41]
    AdwCleaner[R5].txt - [15653 octets] - [08/12/2012 16:51:33]
    AdwCleaner[S1].txt - [515 octets] - [08/12/2012 14:30:12]
    AdwCleaner[S2].txt - [434 octets] - [08/12/2012 14:59:26]
    AdwCleaner[S3].txt - [434 octets] - [08/12/2012 16:43:39]
    AdwCleaner[S4].txt - [434 octets] - [08/12/2012 16:51:01]

    ########## EOF - C:\AdwCleaner[R5].txt - [15950 octets] ##########
  • Waar je het log van MBAM vindt, heb ik toch duidelijk aangegeven!

    [b:73002d8836]MBAM-Log[/b:73002d8836]:
    [list:73002d8836][*:73002d8836] Het log wordt automatisch bewaard door 'MBAM' en dat kan je terugvinden door in het hoofdmenu van 'MBAM' op de tab 'Logbestanden' te klikken.[/list:u:73002d8836]

    En graag antwoord op mijn vraag welke webbrowser(s) jij gebruikt.

    [b:73002d8836]Welk programma[/b:73002d8836]:
  • Dag

    Zoals hierboven aangegeven gebruik ik chrome.

    Ook combofix start niet door, na de melding dat de verwerking bij b. computers twee keer zo lang kan duren gebeurt er verder 45 minuten niets meer. De computer is dan ook niet meer bestuurbaar en moet uitgezet worden.


    Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.0.1400
    www.malwarebytes.org

    Databaseversie: v2012.09.28.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    klaas :: KLAAS-8A63BC311 [administrator]

    Realtime bescherming: Ingeschakeld

    28-9-2012 12:08:59
    mbam-log-2012-09-28 (12-08-59).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 186993
    Verstreken tijd: 26 minuut/minuten,

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 1
    HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 1
    HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 50a30c20917a2f685e767f5c8c2b1308 -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
  • Verwijder de oude ComboFix en download ComboFix opnieuw.

    Herstart daarna naar Veilige Modus met netwerkmogelijkheid.
    Zie daarvoor desnoods: http://users.telenet.be/marcvn/spyware/veilige-modus.html

    Start ComboFix dan opnieuw op voor een scan.
  • combo fix doet niets ook niet in veilige modus
  • [b:28fe94b0e0]Doe de ESET online scan (Klik).[/b:28fe94b0e0]
    [list:28fe94b0e0]
    [*:28fe94b0e0]Klik op de knop [b:28fe94b0e0]ESET Online Scanner[/b:28fe94b0e0]
    [*:28fe94b0e0]Zet een vinkje bij [b:28fe94b0e0]YES, I accept the Terms of Use[/b:28fe94b0e0]
    [*:28fe94b0e0]Klik op [b:28fe94b0e0]Start[/b:28fe94b0e0]
    [*:28fe94b0e0]Sta het ActiveX control toe om te installeren.
    [*:28fe94b0e0]Zet een vinkje bij de volgende opties:
    [list:28fe94b0e0][*:28fe94b0e0][b:28fe94b0e0]Remove found threats[/b:28fe94b0e0]
    [*:28fe94b0e0][b:28fe94b0e0]Scan archives[/b:28fe94b0e0][/list:u:28fe94b0e0]
    [*:28fe94b0e0]Klik vervolgens op [b:28fe94b0e0]
  • ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6844
    # api_version=3.0.2
    # EOSSerial=a52ecefac6968c469fd71caa0f3df92a
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2012-12-14 01:34:24
    # local_time=2012-12-14 02:34:24 (+0100, West-Europa (standaardtijd))
    # country="Netherlands"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # scanned=373431
    # found=33
    # cleaned=33
    # scan_time=16485
    C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.crx Win32/bProtector.D application (deleted - quarantined) DD3CE6E52476139C1E0ACA8B68C041FDB561F338 C
    C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.dll a variant of Win32/bProtector.A application (cleaned by deleting - quarantined) 1E62BF7A205ABC44A0A32E8C805AAAD8B02FCBE0 C
    C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\mngr.js Win32/bProtector.C application (cleaned by deleting - quarantined) 21A2772AC0026ACA82F7BED3BC770638FF8CEAC4 C
    C:\Documents and Settings\klaas\Local Settings\Temp\ICReinstall_DownloadManagerSetup.exe a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined) 15DD6D311D2F0EF3BBC6BAC24073E896F7A3F0D1 C
    C:\Documents and Settings\klaas\Local Settings\Temp\YontooSetup-S.exe multiple threats (cleaned by deleting - quarantined) 9588275FF7803065136FC9EAF31BDFC74C97A5E3 C
    C:\Documents and Settings\klaas\Local Settings\Temp\01FB2D7A-BAB0-7891-B1C2-1A357B3FF896\Latest\MyBabylonTB.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) E78A50AFD731B5E8331C8087828C67D288D5E0F6 C
    C:\Documents and Settings\klaas\Local Settings\Temp\C69FE72C-BAB0-7891-86DE-2A7721A912F0\Latest\MyBabylonTB.exe Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 4D284D71880CACD1975902DE6861FA86AB76972A C
    C:\Documents and Settings\klaas\Local Settings\Temporary Internet Files\Content.IE5\13EV0HIF\pack[1].7z multiple threats (deleted - quarantined) A8B5BE4E07E42AAAE58582261956167782BD5AAD C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\cbsidlm-tr1_8-Combofix-ORG2-75221073 (1).exe Win32/DownloadAdmin.E application (cleaned by deleting - quarantined) 5BAFD51453714E4815F80C01DA03F9DEF0CDE8C9 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\cbsidlm-tr1_8-Combofix-ORG2-75221073.exe Win32/DownloadAdmin.E application (cleaned by deleting - quarantined) 5BAFD51453714E4815F80C01DA03F9DEF0CDE8C9 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\desktop-icalendar-downloader (1).exe a variant of Win32/Somoto.A application (cleaned by deleting - quarantined) 89422941962AEBECC5A79FBFC985C9FE4C97FAD0 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\desktop-icalendar-downloader.exe a variant of Win32/Somoto.A application (cleaned by deleting - quarantined) 89422941962AEBECC5A79FBFC985C9FE4C97FAD0 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\DownloadManagerSetup.exe a variant of Win32/InstallCore.AY application (cleaned by deleting - quarantined) 15DD6D311D2F0EF3BBC6BAC24073E896F7A3F0D1 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\iLividSetup (1).exe Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 52F814443453A0453C2FE9D88A881514EEF299A0 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\iLividSetup.exe Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 52F814443453A0453C2FE9D88A881514EEF299A0 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\IZArcInstall.exe a variant of Win32/Somoto.A application (cleaned by deleting - quarantined) 6CFFDDB76345FA7BB63579E11CD5F6BB5E2F44F6 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\PDFReaderSetup.exe a variant of Win32/InstallCore.AX application (cleaned by deleting - quarantined) 197B9DC70199193C32D12667DF16D82B24A758BE C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\SoftonicDownloader_voor_bittorrent.exe a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined) A79D3EEC5E17A1B53C698502A308232BE0C3FAF4 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\SoftonicDownloader_voor_slimdrivers.exe a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined) 22A403D17F60A1FC77E50A81F559F88260B28171 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\SoftonicDownloader_voor_utorrent.exe a variant of Win32/SoftonicDownloader.E application (cleaned by deleting - quarantined) 42665EDA8BB609B53A99C67095012F065BE5BE81 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\VideoPerformerSetup.exe a variant of Win32/InstallBrain.L application (cleaned by deleting - quarantined) 4A71ACB64D81064704F8A403D447A4C7AD4BF520 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\Windows_7_Loader_v1_9_7_DAZ_32Bit_64Bit_.exe Win32/Adware.1ClickDownload.K application (cleaned by deleting - quarantined) C5F87150706DA13FAF695CF1FBB8948B945A48E5 C
    C:\Documents and Settings\klaas\Mijn documenten\Downloads\WinZip165Multi-language.exe a variant of Win32/OpenInstall application (cleaned by deleting - quarantined) FBF190997350C32BDC4E9E4C3C47D3BEC72CEEBE C
    C:\Program Files\Claro LTD\claro\1.8.3.10\escortShld.dll Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 6C89F129D39CA812C1E18B557119785109DF3F28 C
    C:\Program Files\TornTV.com\uninst.exe Win32/Adware.1ClickDownload.K application (cleaned by deleting - quarantined) 3E4FCC3AA30431CCF06FF4F3F1EE5415E04896D7 C
    D:\backup vanf zolder\oud\DRIVERS\zelf toegevoegde drivers of updates\Elby Clone Dvd V1.3.10.1 Anydvd 2.0.0.4 Ger Key\AnyDVD v2.0.0.4.rar probably a variant of Win32/Adware.Agent.EQTHDWD application (deleted - quarantined) A174DDF9E56FDC681952E7DCBB645B2A67335C48 C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\A0041211.exe probably unknown NewHeur_PE virus (deleted - quarantined) 0FB6D3086C3D0ECB9CF743F5DA36BFE73AE9F2BB C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\asc-setup (1).exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 368E29C92D580DB0B2E0E0DDC9AE588A83DD7B78 C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\asc-setup (2).exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) B8EB12CB8CFC740F3C59822CC3FD79BDD8751394 C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\asc-setup (3).exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 03A7D97387FBF9BAC969A591B68A8EDC2D493417 C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\registrybooster (1).exe Win32/RegistryBooster application (cleaned by deleting - quarantined) 5F85D7FB8E0C1CFB3C8A2546FE743238E23EC12B C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\registrybooster.exe multiple threats (cleaned by deleting - quarantined) 0BCFA334658F372DEA606CB8C1FDC2506074E1E0 C
    D:\Program Files\Stellar Phoenix Windows Data Recovery\d\slow-pcfighter_Web.exe probably a variant of Win32/SlowPCfighter application (cleaned by deleting - quarantined) A2887FB0F82BC4672737FC29CD96471D74083190 C
  • Wat een waslijst aan ongein heeft de scan opgeleverd.

    Download de nieuwste versie van AdwCleaner naar het bureaublad: AdwCleaner by Xplode.

    En start het tool daarna op voor een nieuwe verwijderronde.
    Post wederom het log dat je krijgt.
  • # AdwCleaner v2.011 - Verslag gemaakt op 15/12/2012 om 09:17:24
    # Geactualiseerd op 02/12/2012 door Xplode
    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
    # Gebruiker : klaas - KLAAS-8A63BC311
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Documents and Settings\klaas\Bureaublad\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    File Verwijdert : C:\Documents and Settings\klaas\Menu Start\Programma's\iLivid.lnk
    File Verwijdert : C:\user.js
    Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Browser Manager
    Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Tarma Installer
    Map Verwijdert : C:\Documents and Settings\klaas\Application Data\AVG Secure Search
    Map Verwijdert : C:\Documents and Settings\klaas\Application Data\Babylon
    Map Verwijdert : C:\Documents and Settings\klaas\Application Data\Claro
    Map Verwijdert : C:\Documents and Settings\klaas\Application Data\Complitly
    Map Verwijdert : C:\Documents and Settings\klaas\Application Data\OpenCandy
    Map Verwijdert : C:\Documents and Settings\klaas\Local Settings\Application Data\AVG Secure Search
    Map Verwijdert : C:\Documents and Settings\klaas\Local Settings\Application Data\Conduit
    Map Verwijdert : C:\Documents and Settings\klaas\Local Settings\Application Data\Ilivid
    Map Verwijdert : C:\Documents and Settings\klaas\Local Settings\Application Data\Wajam
    Map Verwijdert : C:\Documents and Settings\klaas\Menu Start\Programma's\Browser Manager
    Map Verwijdert : C:\Documents and Settings\klaas\Menu Start\Programma's\Wajam
    Map Verwijdert : C:\Program Files\AVG Secure Search
    Map Verwijdert : C:\Program Files\Claro LTD
    Map Verwijdert : C:\Program Files\Complitly
    Map Verwijdert : C:\Program Files\Wajam
    Verwijdert bij het opstarten : C:\Program Files\Common Files\AVG Secure Search

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\AVG Secure Search
    Sleutel Verwijdert : HKCU\Software\Claro LTD
    Sleutel Verwijdert : HKCU\Software\Complitly
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\ConduitSearchScopes
    Sleutel Verwijdert : HKCU\Software\DataMngr
    Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar
    Sleutel Verwijdert : HKCU\Software\ilivid
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Verwijdert : HKCU\Software\SmartBar
    Sleutel Verwijdert : HKCU\Software\Softonic
    Sleutel Verwijdert : HKCU\Software\Wajam
    Sleutel Verwijdert : HKLM\Software\AVG Secure Search
    Sleutel Verwijdert : HKLM\Software\Babylon
    Sleutel Verwijdert : HKLM\Software\Claro LTD
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\S
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2849859
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamBHO
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\DataMngr
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
    Sleutel Verwijdert : HKLM\Software\Iminent
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Sleutel Verwijdert : HKLM\Software\Tarma Installer
    Sleutel Verwijdert : HKLM\Software\Wajam
    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
    Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c4000000000000002522b9e953 –> hxxp://www.google.com
    Verwijdert : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]
    Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=NT_ss&mntrId=e8f280c4000000000000002522b9e953 –> hxxp://www.google.com

    -\\ Google Chrome v23.0.1271.97

    File : C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Verwijdert [l.12] : homepage = "hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c40[…]
    Verwijdert [l.52] : icon_url = "hxxp://www.claro-search.com/favicon.ico",
    Verwijdert [l.55] : keyword = "claro-search.com",
    Verwijdert [l.58] : search_url = "hxxp://www.claro-search.com/?q={searchTerms}&affID=116677&tt=4912_2&babsrc=SP_s[…]
    Verwijdert [l.1817] : homepage = "hxxp://www.claro-search.com/?affID=116677&tt=4912_2&babsrc=HP_ss&mntrId=e8f280c40000[…]

    *************************

    AdwCleaner[R1].txt - [10799 octets] - [06/12/2012 21:51:18]
    AdwCleaner[R2].txt - [10860 octets] - [06/12/2012 21:51:59]
    AdwCleaner[R3].txt - [15796 octets] - [08/12/2012 14:28:10]
    AdwCleaner[R4].txt - [15900 octets] - [08/12/2012 16:50:41]
    AdwCleaner[R5].txt - [16020 octets] - [08/12/2012 16:51:33]
    AdwCleaner[R6].txt - [16066 octets] - [08/12/2012 16:53:17]
    AdwCleaner[R7].txt - [16526 octets] - [15/12/2012 09:11:57]
    AdwCleaner[S1].txt - [515 octets] - [08/12/2012 14:30:12]
    AdwCleaner[S2].txt - [434 octets] - [08/12/2012 14:59:26]
    AdwCleaner[S3].txt - [434 octets] - [08/12/2012 16:43:39]
    AdwCleaner[S4].txt - [434 octets] - [08/12/2012 16:51:01]
    AdwCleaner[S5].txt - [419 octets] - [08/12/2012 16:53:26]
    AdwCleaner[S7].txt - [16135 octets] - [15/12/2012 09:17:24]

    ########## EOF - C:\AdwCleaner[S7].txt - [16196 octets] ##########
  • Vervolgens nog dit er achteraan in 2e instantie

    # AdwCleaner v2.100 - Verslag gemaakt op 15/12/2012 om 09:23:50
    # Geactualiseerd op 09/12/2012 door Xplode
    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
    # Gebruiker : klaas - KLAAS-8A63BC311
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Documents and Settings\klaas\Mijn documenten\Downloads\AdwCleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****


    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\SweetIM
    Sleutel Verwijdert : HKLM\Software\SweetIM

    ***** [Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v23.0.1271.97

    File : C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[R1].txt - [10799 octets] - [06/12/2012 21:51:18]
    AdwCleaner[R2].txt - [10860 octets] - [06/12/2012 21:51:59]
    AdwCleaner[R3].txt - [15796 octets] - [08/12/2012 14:28:10]
    AdwCleaner[R4].txt - [15900 octets] - [08/12/2012 16:50:41]
    AdwCleaner[R5].txt - [16020 octets] - [08/12/2012 16:51:33]
    AdwCleaner[R6].txt - [16066 octets] - [08/12/2012 16:53:17]
    AdwCleaner[R7].txt - [16526 octets] - [15/12/2012 09:11:57]
    AdwCleaner[S1].txt - [515 octets] - [08/12/2012 14:30:12]
    AdwCleaner[S2].txt - [434 octets] - [08/12/2012 14:59:26]
    AdwCleaner[S3].txt - [434 octets] - [08/12/2012 16:43:39]
    AdwCleaner[S4].txt - [434 octets] - [08/12/2012 16:51:01]
    AdwCleaner[S5].txt - [419 octets] - [08/12/2012 16:53:26]
    AdwCleaner[S7].txt - [16266 octets] - [15/12/2012 09:17:24]
    AdwCleaner[S8].txt - [1701 octets] - [15/12/2012 09:23:50]

    ########## EOF - C:\AdwCleaner[S8].txt - [1761 octets] ##########
  • Laten we ComboFix opnieuw proberen:

    [b:ef5cdecbdf]Welk programma[/b:ef5cdecbdf]:
  • Combofix loopt nog steeds vast zodra het scannen begint. Er is nu wel een kleine verandering: Enkele ogenblikken na het starten van de scan verdwijnt het hele blauwe veld en staat onderin alleen autoscan. De computer moet nog steeds uit en aan gezet worden.

    Alle handelingen tot nu toe hebben wel geholpen in de zin dat de coupon toestanden weg zijn en de computer weer wat sneller lijkt te zijn.
  • Fijn dat er resultaat bemerkbaar is.

    We gaan wat anders doen:

    [b:57261f1e8d]Welk programma[/b:57261f1e8d]:
  • [code:1:1f5bc5ee7f]
    HitmanPro 3.6.2.174
    www.hitmanpro.com

    Computer name . . . . : KLAAS-8A63BC311
    Windows . . . . . . . : 5.1.3.2600.X86/2
    User name . . . . . . : KLAAS-8A63BC311\klaas
    License . . . . . . . : Free

    Scan date . . . . . . : 2012-12-15 12:38:23
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 10m 37s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 147

    Objects scanned . . . : 520.841
    Files scanned . . . . : 37.026
    Remnants scanned . . : 92.904 files / 390.911 keys

    Potential Unwanted Programs _________________________________________________

    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotector web data (Claro)
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences (Claro)
    C:\WINDOWS\Installer\{069B290F-5398-4629-A009-85B4BCB4B1B9}\ (Claro)
    C:\WINDOWS\Installer\{069B290F-5398-4629-A009-85B4BCB4B1B9}\Claro.ico (Claro)
    HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL\ (Claro)
    HKLM\SOFTWARE\Classes\AppID\secman.DLL\ (Babylon)
    HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}\ (Babylon)
    HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}\ (Claro)
    HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}\ (Claro)
    HKLM\SOFTWARE\Classes\c\ (Claro)
    HKLM\SOFTWARE\Classes\claro.claroappCore.1\ (Claro)
    HKLM\SOFTWARE\Classes\claro.claroappCore\ (Claro)
    HKLM\SOFTWARE\Classes\claro.clarodskBnd.1\ (Claro)
    HKLM\SOFTWARE\Classes\claro.clarodskBnd\ (Claro)
    HKLM\SOFTWARE\Classes\claro.claroHlpr.1\ (Claro)
    HKLM\SOFTWARE\Classes\claro.claroHlpr\ (Claro)
    HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}\ (Claro)
    HKLM\SOFTWARE\Classes\esrv.claroESrvc.1\ (Claro)
    HKLM\SOFTWARE\Classes\esrv.claroESrvc\ (Claro)
    HKLM\SOFTWARE\Classes\Installer\Features\F092B960893592640A90584BCB4B1B9B\ (Claro)
    HKLM\SOFTWARE\Classes\Installer\Products\F092B960893592640A90584BCB4B1B9B\ (Claro)
    HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\2E4A8FA31C5CBF34AB8A9A1FEEC064D1\F092B960893592640A90584BCB4B1B9B (Claro)
    HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}\ (Babylon)
    HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}\ (Claro)
    HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}\ (Claro)
    HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1\ (Babylon)
    HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager\ (Babylon)
    HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}\ (Claro)
    HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}\ (Claro)
    HKLM\SOFTWARE\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl\ (Claro)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\2E4A8FA31C5CBF34AB8A9A1FEEC064D1\F092B960893592640A90584BCB4B1B9B (Claro)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7\ (Claro)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9FAC99E2D8280F4482F22004D09FBA2\ (Claro)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE26D37B0FFFAE4559860C5C4D938B71\ (Claro)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F092B960893592640A90584BCB4B1B9B\ (Claro)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9}\ (Claro)
    HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\WajamUpdater\ (Claro)
    HKLM\SYSTEM\ControlSet003\Services\Eventlog\Application\WajamUpdater\ (Claro)
    HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater\ (Claro)
    HKU\S-1-5-21-606747145-1677128483-839522115-1004\Software\Microsoft\ClaroDirectory\ (Claro)

    Cookies _____________________________________________________________________

    C:\Documents and Settings\klaas\Cookies\4DEKP3YN.txt
    C:\Documents and Settings\klaas\Cookies\8R3277GK.txt
    C:\Documents and Settings\klaas\Cookies\IV57CTXO.txt
    C:\Documents and Settings\klaas\Cookies\NRCVGFVN.txt
    C:\Documents and Settings\klaas\Cookies\VOJ94FCT.txt
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad-emea.doubleclick.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adbrite.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.ad4game.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.hachette.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.justpremium.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.p161.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ads.undertone.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adserver.omroepzeeland.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adtech.de
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adtechus.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:adverteerdirect.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:advertising.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:advertstream.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:apmebf.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:asrverzekeringen.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:at.atwola.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:atdmt.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:be.sitestat.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:bluemango.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:burstnet.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:casalemedia.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:clubmednl.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:cms.ad.yieldmanager.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:collective-media.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:conversioncompany.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:deltalloyd.adservinginternational.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:doubleclick.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:fairetail.directtrack.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:fastclick.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ffddela.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ffddelacampagne.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ffdeon.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:fucktimkuik.org
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:googleads.g.doubleclick.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:h.atdmt.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:hollandsnieuwe.122.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:intergamma.122.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:invitemedia.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:keygens.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:kiemer.adservinginternational.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:kontera.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:kpn.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:media6degrees.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:mediaplex.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:mswmwpapolloprod.122.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:nl.sitestat.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:nuon.112.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ohra.adservinginternational.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:overture.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:philips.112.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:pointroll.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:questionmarket.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:revsci.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:robeco.122.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ru4.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:serving-sys.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:smartadserver.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:specificclick.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:stat.onestat.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:statcounter.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:stepstone.112.2o7.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:thephonehouse.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:track.adform.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:track.zalando.nl
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:vodafonebranding.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:volkswagenbm.solution.weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:weborama.fr
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.burstnet.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.etracker.de
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:www4.smartadserver.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:xiti.com
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:yieldmanager.net
    C:\Documents and Settings\klaas\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies:zeddigitalnl.solution.weborama.fr


    [/code:1:1f5bc5ee7f]
  • En nu gaan we ComboFix weer gebruiken.
    Echter hernoem ComboFix.exe naar iexplore.exe, explorer.exe, of winlogon.exe.

    Start de hernoemde ComboFix dan op nadat je de antivirus hebt gedeaktiveerd.
  • Dag,

    Bedoel je nu dat ik combofix.exe gewoon een andere naam moet geven?
  • Dag

    Misschien die ik iets verkeerd, als ik combofix opstart krijg ik een uitpakscherm in beeld.
    Ik heb Combofix verwijderd en weer gedownlaod, krijg niet eens de keus om op te slaan. Het uitpakprogramma zet zich op mijn buroblad en pakt elke keer als ik dat aanklik opnieuw uit, ik kan niet bij een exe.file komen.
  • Welke browser gebruik jij dan?

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.

Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord