Ga naar inhoud

bart0

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    18

  • Registratiedatum

  • Laatst bezocht

bart0's prestaties

Leerling

Leerling (3/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. bart0
    Ik heb nog niet geüpdate omdat daar nog iets meer geheugen voor nodig is om de download überhaupt te kunnen uitvoeren. Daarnaast heb ik met Etrecheck het volgende report gekregen: EtreCheck version: 2.9.13 (267) Report generated 2016-07-11 01:01:57 Download EtreCheck from https://etrecheck.com Runtime 1:34 Performance: Excellent Click the [Support] links for help with non-Apple products. Click the [Details] links for more information about that line. Problem: Other problem Hardware Information: ⓘ MacBook Pro (Retina, 15-inch, Late 2013) [Technical Specifications] - [User Guide] - [Warranty & Service] MacBook Pro - model: MacBookPro11,2 1 2 GHz Intel Core i7 CPU: 4-core 16 GB RAM Not upgradeable BANK 0/DIMM0 8 GB DDR3 1600 MHz ok BANK 1/DIMM0 8 GB DDR3 1600 MHz ok Bluetooth: Good - Handoff/Airdrop2 supported Wireless: en0: 802.11 a/b/g/n/ac Battery: Health = Normal - Cycle count = 295 Video Information: ⓘ Intel Iris Pro Color LCD 2880 x 1800 System Software: ⓘ OS X El Capitan 10.11.1 (15B42) - Time since boot: less than an hour Disk Information: ⓘ APPLE SSD SM0256F disk0 : (251 GB) (Solid State - TRIM: Yes) EFI (disk0s1) <not mounted> : 210 MB Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB Macintosh HD (disk1) / [Startup]: 249.78 GB (4.96 GB free) (Low!) Encrypted AES-XTS Unlocked Core Storage: disk0s2 250.14 GB Online USB Information: ⓘ Apple Inc. Apple Internal Keyboard / Trackpad Apple Inc. BRCM20702 Hub Apple Inc. Bluetooth USB Host Controller Thunderbolt Information: ⓘ Apple Inc. thunderbolt_bus Gatekeeper: ⓘ Mac App Store and identified developers System Launch Agents: ⓘ [not loaded] 6 Apple tasks [loaded] 144 Apple tasks [running] 86 Apple tasks System Launch Daemons: ⓘ [not loaded] 43 Apple tasks [loaded] 141 Apple tasks [running] 102 Apple tasks Launch Agents: ⓘ [not loaded] com.adobe.AAM.Updater-1.0.plist (2015-05-31) [Support] [running] com.brother.LOGINserver.plist (2014-05-08) [Support] [loaded] com.google.keystone.agent.plist (2016-03-02) [Support] [loaded] com.oracle.java.Java-Updater.plist (2014-11-25) [Support] Launch Daemons: ⓘ [loaded] com.adobe.SwitchBoard.plist (2015-05-31) [Support] [loaded] com.adobe.fpsaud.plist (2016-06-13) [Support] [loaded] com.google.keystone.daemon.plist (2016-03-02) [Support] [loaded] com.microsoft.autoupdate.helpertool.plist (2016-04-15) [Support] [loaded] com.microsoft.office.licensing.helper.plist (2010-08-25) [Support] [loaded] com.microsoft.office.licensingV2.helper.plist (2016-02-12) [Support] [loaded] com.oracle.java.Helper-Tool.plist (2014-11-25) [Support] User Launch Agents: ⓘ [loaded] com.adobe.AAM.Updater-1.0.plist (2015-04-20) [Support] [loaded] uk.co.markallan.clamxav.clamscan.plist (2016-04-02) [Support] User Login Items: ⓘ iTunesHelper Programma (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app) ClamXav Programma Hidden (/Applications/ClamXav.app) Livedrive Programma (/Applications/Livedrive.app/Contents/Resources/Livedrive.app) Other Apps: ⓘ [running] com.brother.utility.NETserver.96352 [running] com.brother.utility.USBserver.95712 [loaded] com.fiplab.MenuTabHelper [running] com.fiplab.facetab.61152 [running] com.livedrive.Livedriveapp.113632 [loaded] uk.co.markallan.clamxav.54432 [loaded] 376 Apple tasks [running] 221 Apple tasks Internet Plug-ins: ⓘ FlashPlayer-10.6: 22.0.0.192 - SDK 10.9 (2016-07-02) [Support] QuickTime Plugin: 7.7.3 (2015-11-10) Flash Player: 22.0.0.192 - SDK 10.9 (2016-07-02) [Support] AdobePDFViewer: 10.1.1 (2015-05-31) [Support] EPPEX Plugin: 10.0 (2014-07-06) [Support] Default Browser: 601 - SDK 10.11 (2015-11-10) o1dbrowserplugin: 5.41.3.0 - SDK 10.8 (2016-02-22) [Support] SharePointBrowserPlugin: 14.6.1 - SDK 10.6 (2016-03-05) [Support] googletalkbrowserplugin: 5.41.3.0 - SDK 10.8 (2015-12-11) [Support] Silverlight: 5.1.30514.0 - SDK 10.6 (2014-07-25) [Support] JavaAppletPlugin: Java 8 Update 91 build 14 (2016-04-25) Check version 3rd Party Preference Panes: ⓘ Flash Player (2016-06-13) [Support] Java (2016-04-25) [Support] Time Machine: ⓘ Skip System Files: NO Mobile backups: ON Auto backup: YES Volumes being backed up: Macintosh HD: Disk size: 249.78 GB Disk used: 244.81 GB Destinations: TimeMachineBackup [Network] Total size: 726.66 GB Total number of backups: 24 Oldest backup: 05-03-16 17:46 Last backup: 01-06-16 09:53 Size of backup disk: Too small Backup size 726.66 GB < (Disk used 244.81 GB X 3) Top Processes by CPU: ⓘ 49% Livedrive 5% kernel_task 5% WindowServer 2% Mail 1% fontd Top Processes by Memory: ⓘ 1.07 GB kernel_task 573 MB Livedrive 475 MB softwareupdated 393 MB com.apple.WebKit.WebContent(3) 279 MB mdworker(14) Virtual Memory Information: ⓘ 7.09 GB Free RAM 8.90 GB Used RAM (3.31 GB Cached) 0 B Swap Used Diagnostics Information: ⓘ Jul 11, 2016, 01:00:13 AM /Library/Logs/DiagnosticReports/Livedrive_2016-07-11-010013_[redacted].cpu_resource.diag [Details] /Applications/Livedrive.app/Contents/Resources/Livedrive.app/Contents/MacOS/Livedrive Jul 11, 2016, 12:54:45 AM ~/Library/Logs/DiagnosticReports/com.apple.sbd_2016-07-11-005445_[redacted].crash /System/Library/PrivateFrameworks/CloudServices.framework/Versions/A/XPCServices/com.apple.sbd.xpc/Contents/MacOS/com.apple.sbd Jul 11, 2016, 12:54:34 AM ~/Library/Logs/DiagnosticReports/com.apple.sbd_2016-07-11-005434_[redacted].crash Jul 11, 2016, 12:52:57 AM Self test - passed
  2. bart0
    Eigenschappen Mac: OS X El Capitan (versie 10.11.1) MacBook Pro (Retina, 15-inch, eind 2013) Processor 2 GHz Intel Core i7 Geheugen 16 GB 1600 MHz DDR3 Opstartschijf Macintosh HD Videokaart Intel Iris Pro 1536 MB Geheugen: MacinTosh 249,78 GB Programma's: 21,08 GB Foto's 102,41 GB Audio 2,96 GB Films 40,73 GB Overig 82,6 GB Nog beschikbaar 0 GB Iedere keer als ik de computer opruim is hij nog geen week later weer vol, terwijl er helemaal niet veel of niks aan bestanden bijgekomen is. Ook wanneer ik het geheugen 'schoonmaak' met het programma 'Onyx', is er zo weer 2 GB vrij, maar dat is twee dagen later ook weer helemaal vol. Hoe kan dit; en belangrijker nog; hoe kan ik het voorkomen?
  3. bart0
    Hij gedraagt zich goed Bedankt!
  4. bart0
    Hee, Hieronder staan de 2 logbestanden. De bestanden van hijackthis die ik moest verwijderen heb ik verwijderd, maar de laatste die je me had gegeven werd niet meteen verwijderd. Na een paar keer was hij wel verwijderd. Bedankt alvast Groetjes, Bart # AdwCleaner v2.303 - Verslag gemaakt op 12/06/2013 om 15:23:53 # Geactualiseerd op 08/06/2013 door Xplode # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits) # Gebruiker : Bart - BART-LAPTOP-3 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Bart\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** Gestopt & Verwijdert : BrowserDefendert Gestopt & Verwijdert : eSafeSvc Gestopt & Verwijdert : WebCake Desktop Updater ***** [Files / Mappen] ***** File Verwijderd : C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data File Verwijderd : C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences File Verwijderd : C:\Users\Bart\AppData\Roaming\BabMaint.exe Map Verwijderd : C:\Program Files\Common Files\DVDVideoSoft\TB Map Verwijderd : C:\Program Files\Conduit Map Verwijderd : C:\Program Files\DealPly Map Verwijderd : C:\Program Files\Delta Map Verwijderd : C:\Program Files\Desk 365 Map Verwijderd : C:\Program Files\WebCake Map Verwijderd : C:\ProgramData\Babylon Map Verwijderd : C:\ProgramData\eSafe Map Verwijderd : C:\ProgramData\Tarma Installer Map Verwijderd : C:\Users\Bart\AppData\Local\Bundled software uninstaller Map Verwijderd : C:\Users\Bart\AppData\Local\Conduit Map Verwijderd : C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh Map Verwijderd : C:\Users\Bart\AppData\LocalLow\Conduit Map Verwijderd : C:\Users\Bart\AppData\LocalLow\Delta Map Verwijderd : C:\Users\Bart\AppData\Roaming\BabSolution Map Verwijderd : C:\Users\Bart\AppData\Roaming\Babylon Map Verwijderd : C:\Users\Bart\AppData\Roaming\DealPly Map Verwijderd : C:\Users\Bart\AppData\Roaming\Delta Map Verwijderd : C:\Users\Bart\AppData\Roaming\dvdvideosoftiehelpers Map Verwijderd : C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender Map Verwijderd : C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly Map Verwijderd : C:\Users\Bart\AppData\Roaming\WebCake Verwijderd bij het opstarten : C:\ProgramData\BrowserDefender ***** [Register] ***** Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector Sleutel Verwijderd : HKCU\Software\BabSolution Sleutel Verwijderd : HKCU\Software\BI Sleutel Verwijderd : HKCU\Software\Conduit Sleutel Verwijderd : HKCU\Software\DataMngr Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar Sleutel Verwijderd : HKCU\Software\DealPly Sleutel Verwijderd : HKCU\Software\Delta Sleutel Verwijderd : HKCU\Software\e2dbddb369eb47 Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijderd : HKCU\Software\PrivitizeVPNInstallDates Sleutel Verwijderd : HKCU\Software\StartSearch Sleutel Verwijderd : HKLM\Software\Babylon Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\delta.deltaappCore Sleutel Verwijderd : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\delta.deltadskBnd Sleutel Verwijderd : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\delta.deltaHlpr Sleutel Verwijderd : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijderd : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2865317 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api Sleutel Verwijderd : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers Sleutel Verwijderd : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1 Sleutel Verwijderd : HKLM\Software\Conduit Sleutel Verwijderd : HKLM\Software\DataMngr Sleutel Verwijderd : HKLM\Software\DealPly Sleutel Verwijderd : HKLM\Software\Delta Sleutel Verwijderd : HKLM\Software\Desksvc Sleutel Verwijderd : HKLM\SOFTWARE\e2dbddb369eb47 Sleutel Verwijderd : HKLM\Software\eSafeSecControl Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eSafeSecControl Sleutel Verwijderd : HKLM\Software\SP Global Sleutel Verwijderd : HKLM\Software\SProtector Sleutel Verwijderd : HKLM\Software\Tarma Installer Sleutel Verwijderd : HKLM\Software\V9 Sleutel Verwijderd : HKU\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop] Waarde Verwijderd : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}] ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16576 Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=122254&tt=120613_ctrl&babsrc=HP_ss&mntrId=E4540017C458CE10 --> hxxp://www.google.com -\\ Google Chrome v27.0.1453.110 File : C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [12072 octets] - [12/06/2013 15:23:53] ########## EOF - C:\AdwCleaner[s1].txt - [12133 octets] ########## Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:33:15, on 12-6-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe C:\Program Files\Livedrive\Livedrive.exe C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\program files\stardock\fences\Fences.exe C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe C:\Program Files\Microsoft Office\Office15\MsoSync.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\ExplorerExtensions.dll O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [b89371320B2EE11FC054C53F0A75C821DF3B361D._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe" /setup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://navigram.com/engine/v1140/Navigram.cab O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 9274 bytes
  5. bart0
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:25:14, on 10-6-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe C:\Program Files\Livedrive\Livedrive.exe C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\ExplorerExtensions.dll O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [b89371320B2EE11FC054C53F0A75C821DF3B361D._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe" /setup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://navigram.com/engine/v1140/Navigram.cab O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 9857 bytes
  6. bart0
    Hallo, De laatste tijd is mijn computer erg sloom. Ik heb, naar mijn weten, maar één virusscan. De harde schijf zit nog lang niet vol. Een tijdje terug heb ik wel last gehad van malware, maar dat is dankzij jullie ook opgelost. Ik hoop dat u mij kunt helpen met het oplossen van mijn trage computer, want ik wordt er gek van... Alvast bedankt, Groetjes, Bart
  7. bart0
    Hallo Mako, Ik heb geen problemen meer. Echt heel erg bedankt voor al je hulp en geduld! Ik ben je er echt heel dankbaar voor! Bedankt! Groetjes, Bart
  8. bart0
    Hallo Mako, Ik ben erg blij dat het logje er goed uitzag Het programma dat je aangaf (Malware-bytes anti-malware), gebruikte ik de laatste tijd al als virus scanner. De eerste paar keer gaf hij wel enkele geïnfecteerde bestanden (ik gebruikte toen een volledige scan), die infecties heb ik inmiddels verwijderd, toen ik hem net scande (met een snelle scan) gaf hij geen geïnfecteerde bestanden meer aan. In de bijlage staan alle logbestanden (in totaal 4) van het programma. Groetjes, Bart P.S. Aangezien ik malware op mijn computer heb/had, is het dan verstandig om al mijn wachtwoorden te veranderen? En zijn er nog andere dingen die ik beter wel/niet kan doen? [ATTACH]25393[/ATTACH] [ATTACH]25394[/ATTACH] [ATTACH]25395[/ATTACH] [ATTACH]25396[/ATTACH] mbam-log-2013-04-10 (22-52-19).txt mbam-log-2013-04-14 (19-32-17).txt mbam-log-2013-04-19 (23-11-00).txt mbam-log-2013-04-22 (22-07-28).txt
  9. bart0
    hallo Mako, Bedankt voor je snelle reactie, ik heb het inmiddels uitgevoerd en het log-bestand staat in de bijlage. Groetjes, Bart[ATTACH]25380[/ATTACH] 21-4-2013-bestand-pc-helpforum.be.txt
  10. bart0
    Hallo Mako, Je schreef 'Kopieer nu onderstaande code uit bijgevoegd bestand in het grote invulvenster:', maar welke code bedoel je precies? Want er zit geen bijlage bij (of ik heb verkeerd gekeken) of bedoel je de code uit jouw bericht van 18 april? Groetjes, Bart
  11. bart0
    Hallo Mako, In de bijlage vindt je het logbestand. Ik moet wel even zeggen dat ik de code per ongeluk eerst in had gevuld zonder dat ik restore point aangevinkt had, ik hoop dat dit niet erg is. Verder kreeg ik bij het verwijderen van de opgegeven programma's de melding: Er is een foutopgetreden tijdens het verwijderen van BrowserProtect. Het is mogelijk aleerder verwijderd. Wilt uBrowserProtect uit de lijst met Programma's en onderdelen verwijderen? Nogmaals alvast heel erg bedankt voor je hulp! Groetjes, Bart 19-4-2013-bestand-pc-helpforum.be.txt
  12. bart0
    Hallo Mako, Hieronder is het bestand dat ik moest sturen. Ik hoop dat je mij weer verder kan helpen Moet ik het gedownloade programma, waarna de problemen ontstonden, al verwijderen of is dat (nog) niet nodig? Nogmaals heeeeeel erg bedankt!!! groetjes, Bart Zoek.exe Version 4.0.0.2 Updated 15-April-2013 Tool run by Bart on wo 17-04-2013 at 21:43:47,52. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B036AE61-D84B-4457-96A2-84B0A925E900} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Prey\platform\windows\cronsvc.exe C:\Windows\system32\schtasks.exe C:\Windows\system32\conhost.exe C:\Program Files\Livedrive\VSSService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe C:\Windows\System32\WUDFHost.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Livedrive\Livedrive.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Windows\system32\sppsvc.exe C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Bart\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserProtect deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== "C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted "C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not deleted "C:\ProgramData\MyaagniPPicc" deleted "C:\Program Files\Delta" deleted "C:\Program Files\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files\Industriya" deleted "C:\Users\Bart\AppData\Roaming\Industriya" deleted "C:\Users\Bart\AppData\Roaming\BabSolution" deleted "C:\Users\Bart\AppData\Roaming\Babylon" deleted "C:\Users\Bart\AppData\Roaming\Delta" deleted "C:\Users\Bart\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\BrowserProtect" not deleted "C:\ProgramData\CLSoft LTD" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Premium" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyaagniPPicc" deleted "C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect" deleted "C:\Users\Bart\AppData\Local\PackageAware" deleted "C:\Windows\System32\searchplugins" deleted "C:\Windows\System32\Extensions" deleted "C:\ProgramData\BrowserProtect\2.6.1125.80" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components" not deleted "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Bart\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-04-14 17:21:01 2E56BA5BC215B2AED2B790D42D8C1739 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-04-14 17:21:00 507183B4FCB535A7A973427D1F367CA8 420864 ----a-w- C:\Windows\System32\vbscript.dll 2013-04-14 17:21:00 4BE468D2EE9CC59CB8F666949CD37CD5 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2013-04-14 17:21:00 40169F9AE27BB73F2CB8C7D11A7A2AC2 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2013-04-14 17:20:59 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-04-14 17:20:59 C720BD3BDE2C9A1BFC4476F6D3A4B64D 176640 ----a-w- C:\Windows\System32\ieui.dll 2013-04-14 17:20:58 C5B6468422DB1C8AA36C32CBB0197E5E 1129472 ----a-w- C:\Windows\System32\wininet.dll 2013-04-14 17:20:58 9DE04A790F697432871E88BB77EEBCF5 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2013-04-14 17:20:58 26DB6CB9BC434ABA1169B3051E6AB4F2 717824 ----a-w- C:\Windows\System32\jscript.dll 2013-04-14 17:20:57 7E6052699CAF18ADEDD846D44ECCE81F 1800704 ----a-w- C:\Windows\System32\jscript9.dll 2013-04-14 17:20:57 69EDE878C3891E7796D46B7E552330B1 231936 ----a-w- C:\Windows\System32\url.dll 2013-04-14 17:20:56 9BDDA34DC4890169DE5BA21134B33EFB 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2013-04-14 17:20:55 4E7F83E1F6AEFA38E270EA7353D6911E 1104384 ----a-w- C:\Windows\System32\urlmon.dll 2013-04-14 17:20:54 CA78BA218B423C7F22B14906308B8B02 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-04-14 17:20:53 658EBC74BD38D16805648C4775F7FA82 12324352 ----a-w- C:\Windows\System32\mshtml.dll 2013-04-14 17:20:52 DFE118C95C6571B87D1923DAB3FA0A77 9738752 ----a-w- C:\Windows\System32\ieframe.dll 2013-04-10 19:50:48 6FCC2090F055F5C96236DCD057DD705D 2347008 ----a-w- C:\Windows\System32\win32k.sys 2013-04-10 19:50:43 80A652978002318C9723D43CFA618816 3916632 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-10 19:50:43 3DFCBEEE97DF8BBAA749CAACFC9C43E1 3972440 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2013-04-10 19:50:42 47C2D6C4F7080A9D67259E83A617B08D 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2013-04-10 19:50:42 0106C36DFF51A161DB4C34C4C14ECC41 29696 ----a-w- C:\Windows\System32\appidsvc.dll 2013-04-10 19:50:41 DE91DCC7BC55E940979097E98F743205 69632 ----a-w- C:\Windows\System32\smss.exe 2013-04-10 19:50:41 5B7C7A3C706A90FBCCC319ABEFF14F3A 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2013-04-10 19:50:41 23AB7E36551C6BA5370EF7F05142F0EB 38912 ----a-w- C:\Windows\System32\csrsrv.dll 2013-04-10 19:50:41 0624CB85816C748DA16DB347FCF3352F 50688 ----a-w- C:\Windows\System32\appidapi.dll 2013-04-10 19:50:34 0B7E6782CCC28D1068E267554B566A60 3218432 ----a-w- C:\Windows\System32\mstscax.dll 2013-04-10 19:50:33 3E675B1FB08210BE724E79D7D1DA4D79 131584 ----a-w- C:\Windows\System32\aaclient.dll 2013-04-10 19:50:33 162F39D5C94A807296EC4B46D0C7A9CB 36864 ----a-w- C:\Windows\System32\tsgqec.dll 2013-04-10 19:50:33 064C778BFF3A323645F73FB09625905A 223744 ----a-w- C:\Windows\System32\wksprt.exe 2013-04-10 19:50:33 04FF24D66412FC1072F8D0B7CB83BCF5 1051136 ----a-w- C:\Windows\System32\mstsc.exe 2013-04-09 15:31:23 0FECB3FB879F3ED7AB5BB878D947E87A 225280 ----a-w- C:\Windows\System32\rewire.dll 2013-04-09 15:31:07 9033DAF3277F0498BC86C8D4566C25CE 1554944 ----a-w- C:\Windows\System32\vorbis.acm ====== C:\Windows\system32\drivers ===== 2013-04-10 20:47:38 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-04-10 19:50:46 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-04-10 19:50:42 8FF93E6F3894067000986599E96012CF 50176 ----a-w- C:\Windows\System32\drivers\appid.sys 2013-04-10 19:50:16 BDC9CE1B497B6C266ED70E3D34184F40 1213272 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-03-26 15:39:12 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-04-10 20:48:25 -------- d-----w- C:\Program Files\Trend Micro 2013-04-09 16:07:05 -------- d-----w- C:\Program Files\ASIO4ALL v2 2013-04-09 15:31:23 -------- d-----w- C:\Program Files\VstPlugins 2013-04-09 15:31:02 -------- d-----w- C:\Program Files\Outsim 2013-04-09 15:25:47 -------- d-----w- C:\Program Files\Image-Line 2013-04-09 15:16:40 -------- d-----w- C:\Program Files\Plugin 2013-04-09 15:16:20 -------- d-----w- C:\Program Files\MagniPic 2013-04-02 14:16:50 -------- d-----w- C:\Program Files\Spotydl ======= C: ===== ====== C:\Users\Bart\AppData\Roaming ====== 2013-04-09 16:07:05 -------- d-----w- C:\users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2013-04-02 14:18:43 -------- d-----w- C:\users\Bart\AppData\Local\Bundled software uninstaller 2013-04-02 14:17:05 -------- d-----w- C:\users\Bart\AppData\Roaming\Spotydl 2013-03-20 16:11:27 -------- d-----w- C:\users\Bart\AppData\Local\Spotify 2013-03-20 16:11:02 -------- d-----w- C:\users\Bart\AppData\Roaming\Spotify ====== C:\Users\Bart ====== 2013-04-16 16:58:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Bart\11782303.cvr 2013-04-09 15:31:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2013-04-02 14:18:42 -------- d-----w- C:\ProgramData\BrowserProtect 2013-04-02 14:17:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl ====== C: exe-files == 2013-04-16 15:58:43 F456E0CEE6A1BEE196C42A0B48FD11E2 77128 ----a-w- C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0WKUILP\SetupAdmin[1].exe 2013-04-16 15:58:43 F456E0CEE6A1BEE196C42A0B48FD11E2 77128 ----a-w- C:\ProgramData\Apple\Installer Cache\iCloud Control Panel 2.1.2.8\SetupAdmin.exe 2013-04-14 17:20:56 32732CEDE2A1106B736EF3D84054EE04 757376 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-04-10 20:52:10 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\WSCTool.exe 2013-04-10 20:52:09 F3C17AF5E896B57EBE35F01AEE3A9F7E 159464 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\InstallSettingMigrate.exe 2013-04-10 20:52:09 B2A167A07D0662236D8EF62382906B9C 497304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\InstallUCWrapper.exe 2013-04-10 20:52:09 6A942B9FC6157B7CCFAAF38CC0D0FC44 2223584 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TisEzIns.exe 2013-04-10 20:52:09 62599DCCB5EE66F5F94E76DE34CE420A 295424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TiPatch.exe 2013-04-10 20:52:09 08202704062E8DD8ED5E60545408A1B4 316024 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TiPreAU.exe 2013-04-10 20:52:04 9124DDBBC48BD623029A76C09B67D23B 192424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\TMSToolEx.exe 2013-04-10 20:52:04 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\WSCTool.exe 2013-04-10 20:52:03 B78FF5B2E79EC5CE238596383D2B6D11 3492544 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\SupportTool.exe 2013-04-10 20:51:59 6E5C18D0C98333DC16B29AD26C60F49E 1959904 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\setup.exe 2013-04-10 20:51:16 A4BB970D51FF548864AEBB850C830EDB 217144 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe 2013-04-10 20:51:16 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe 2013-04-10 20:51:15 9AAE82DBDBE99EDECE53E1B9E48721E8 625024 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe 2013-04-10 20:51:15 7F9454A776CA6BFB655D8F49CA6110F6 133456 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe 2013-04-10 20:51:15 41B63501ADA84FFFCCC0DB7E2B80B7F3 479536 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe 2013-04-10 20:51:15 102596AFB271F540E0C77C3634775FE6 1374864 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe 2013-04-10 20:51:14 FC1BD22EA4A0E04D5430D0C34AD245E3 122384 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe 2013-04-10 20:51:14 F26C4F4B9128AFE6522D07160D1D9BA9 241864 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1703v0.0.0l1p1r1o1\UfIfAvIm.exe 2013-04-10 20:51:14 780AEC23F2A36521CC0C33F4FCCBBFEB 40056 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe 2013-04-10 20:51:14 6C15AA98FDD8731CE9560A36F5771986 1035736 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe 2013-04-10 20:51:14 40102E21AF66C3617BF9CDAFE3D42B7B 324264 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe 2013-04-10 20:51:14 2E088D9D545AFD4A4FECA1D08D7E3E13 39984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe 2013-04-10 20:51:14 2989E0FD82B9BD0B6BFB7B09C20E245A 192424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe 2013-04-10 20:51:13 F176291A59D0518A850D607E4A8880EF 381944 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe 2013-04-10 20:51:13 85A2488E78A4EADF0AFA8F8174BEC489 122384 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe 2013-04-10 20:51:13 53E46968985308CA81601CD8185E8801 68824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe 2013-04-10 20:51:13 43E2B963DF6BBF43CFE4A2D48D329472 340744 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe 2013-04-10 20:51:12 F746894E3C713B8C9F8E647292F1E111 167704 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe 2013-04-10 20:51:12 6F335706463254CC016590C39ABD4BEB 262464 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe 2013-04-10 20:51:12 63B272259EE49FECADDB8019FF74D0C8 1016424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe 2013-04-10 20:51:12 310DE5B33C3EFD7443D8CCE27FE2E449 303664 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe 2013-04-10 20:51:11 63DC34F8620723A713B3FFE6FD9A6470 112824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe 2013-04-10 20:51:11 60B028274D438E982AE5EE8303CFF574 68824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe 2013-04-10 20:48:33 783CF19637B70F3B7BF4BA201A305CBC 67120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1094\TmExtIns.exe 2013-04-10 20:48:33 783CF19637B70F3B7BF4BA201A305CBC 67120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1093\TmExtIns.exe 2013-04-10 20:48:33 6936B0F88764C7996582F57B42305C72 188304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\utilRollback.exe 2013-04-10 20:48:33 413DBD496EF19DBD588C79887B7156C3 71216 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.0.1170\TmopExtIns.exe 2013-04-10 20:48:32 F52603B708438E39FF38475807A01CBC 221264 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\coreServiceShell.exe 2013-04-10 20:48:32 8A199030ABA071199C11BB9544D64690 26128 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.6.1018\DREBoot.exe 2013-04-10 20:48:32 533DFD7D7320EF9FDB20FDE5C8B6A408 121360 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe 2013-04-10 20:46:41 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Bart\Downloads\mbam-setup-1.75.0.1300.exe 2013-04-10 20:45:22 7F0BB7B4AB781BDF7912AF3BB394A072 6160960 ----a-w- C:\Users\Bart\Downloads\Ti_60_PR_SIA_EWEB.exe 2013-04-10 19:54:18 AA964645D3A987CA87186A36DFFBF28D 5677408 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.64\26.0.1410.64_26.0.1410.43_chrome_updater.exe === C: other files == 2013-04-10 20:52:01 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_systeminfo.bat 2013-04-10 20:52:01 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\ForceRemove.bat 2013-04-10 20:52:01 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\mk_debug_dir.bat 2013-04-10 20:52:00 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_processes_list.bat 2013-04-10 20:52:00 6CC6C743FAFAC589BBFEBB86DB6ADC7B 3477 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\AMSPForceRemove.bat 2013-04-10 20:52:00 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_registry.bat 2013-04-10 20:52:00 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_copy_config.bat 2013-04-10 20:52:00 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_ipconfig.bat 2013-04-10 20:52:00 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_folder_tree.bat 2013-04-10 20:50:44 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat 2013-04-10 20:50:44 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat 2013-04-10 20:50:44 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat 2013-04-10 20:50:44 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat 2013-04-10 20:50:44 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat 2013-04-10 20:50:44 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat 2013-04-10 20:50:44 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat 2013-04-10 20:50:44 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat 2013-04-10 20:50:43 6CC6C743FAFAC589BBFEBB86DB6ADC7B 3477 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat 2013-04-10 20:49:05 4EA7AD2C5B743F48ECFF282BBC62D076 152176 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\7.5.1107\chrome_tmbep.crx 2013-04-10 20:49:04 9BCCA50CD9F8DD5AFF4C5108F04FA7BE 56632 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.0.1169\tmusa.sys 2013-04-10 20:49:04 63828FBD740F178DE2E2D42C3136FDEE 75624 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmevtmgr.sys 2013-04-10 20:49:04 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys 2013-04-10 20:49:04 211EA740D2EB1A26AE098D1DD1518098 28056 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959815l1p1r1o1\1.0.1014\tmel.sys 2013-04-10 20:49:04 0C40396F071A8092964C8DC951F62B17 171064 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\1.5.1012\tmnciesc.sys 2013-04-10 20:49:03 D0B08F941C0B06846533C6A38DD09B22 94200 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmactmon.sys 2013-04-10 20:49:03 B966E2400AB813527F656759C9C03A89 38328 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.0.1023\TMEBC32.sys 2013-04-10 20:49:03 7AC66D3A5BA87C6CD16B457A3786DF64 90808 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1104\tmeext.sys 2013-04-10 20:49:03 2A61B4210D92D17F0E3E13CC6B908662 84792 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1104\tmeevw.sys 2013-04-10 20:49:03 0C9ACEF23B537D6E8B1373C98D066B1C 257928 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmcomm.sys 2013-04-10 20:48:27 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat 2013-04-10 20:48:27 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_systeminfo.bat 2013-04-10 20:48:26 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_copy_config.bat 2013-04-10 20:48:26 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_registry.bat 2013-04-10 20:48:26 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_ipconfig.bat 2013-04-10 20:48:26 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_processes_list.bat 2013-04-10 20:47:38 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Livedrive"="C:\Program Files\Livedrive\Livedrive.exe /setup" "iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "com.apple.dav.bookmarks.daemon"="C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" "Spotify"="C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IJNetworkScanUtility"="C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RIMBBLaunchAgent.exe"="C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Livedrive"="C:\Program Files\Livedrive\Livedrive.exe /setup" "iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "com.apple.dav.bookmarks.daemon"="C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" "Spotify"="C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service" ==== Startup Folders ====================== 2012-12-02 20:34:58 1162 ----a-w- C:\users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk 2012-12-14 23:48:48 1995 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2013 18:57] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-12-2012 21:31] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undertermined Task] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[04-03-2013 14:32] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[01-12-2012 12:22] Google Search - Bart - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Bart - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://searchou.com/?id=e4547e760000000000000017c458ce10" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{B036AE61-D84B-4457-96A2-84B0A925E900}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B036AE61-D84B-4457-96A2-84B0A925E900}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=E4540017C458CE10" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully ==== Uninstall List x86 ====================== Aangifte inkomstenbelasting 2012 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2012] Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}] Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] ASIO4ALL [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASIO4ALL] BlackBerry Desktop Software 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}] BlackBerry Desktop Software 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlackBerry_Desktop] Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}] BrowserProtect [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] Bundled software uninstaller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] Canon IJ Network Scan Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_Scan_UTILITY] Canon IJ Network Tool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_UTILITY] Canon MP Navigator EX 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MP Navigator EX 2.0] Canon MP980 series MP Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series] Canon My Printer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CanonMyPrinter] Delta Chrome Toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar] Delta toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta] Fences [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{10CD364B-FFCC-48BE-B469-B9622A033075}] Fences [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fences] Free Studio version 5.8.0.1201 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Studio_is1] Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google SketchUp 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13FE3480-9E41-48C0-930F-BFC0767CC340}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{925F1DB6-E86E-4378-9091-D1F68B0583C9}] Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47C6C88F-FA95-49C8-B57D-5C5F093738E1}] Java 7 Update 17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF}] Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] KeePass Password Safe 1.25 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KeePass Password Safe_is1] Livedrive [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4975D666-729A-46A5-8C80-1F022AD43543}] MagniPic [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E711FC96-C539-4F89-AD62-8D1B3CF2DE60}] Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9F612429-4A00-3D44-88CF-146DA2EE1F92}] Microsoft .NET Framework 4.5 NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{679E0B0A-BB5B-33DD-A697-59EEBF7D01DD}] Microsoft Office Professional Plus 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office15.PROPLUS] Microsoft Office Professional Plus 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office15.PROPLUSR] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0FE0292-D3BE-3447-80F2-72E032A54875}] Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)] Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8CA0ED6-DE91-3F49-B66E-E44306B8E453}] Mobile Mouse Server [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{895FE43E-71C2-4FEA-94EF-B88D111495FC}] Nitro Reader 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2D7C68BA-90B9-46E6-851F-EA9149FEB744}] Plugin 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F16247B8-CD07-40C4-8C96-FC2568G29E8F}}_is1] QuickTime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}] Safari [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C779648B-410E-4BBA-B75B-5815BCEFE71D}] Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify] Spotydl 0.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotydl_is1] System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}] Taalpakket voor Microsoft .NET Framework 4.5 - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043] Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD] Teach2000 versie 8.53 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Teach2000.7 XP - The Troolean Edition_is1] toolbar on IE and Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize] ==== Empty IE Cache ====================== C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\users\Bart\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Bart\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Bart\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found "C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found "C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\ProgramData\BrowserProtect" not found
  13. bart0
    geen probleem, ik wacht geduldig af. Ben al heel blij als jullie mij willen helpen.
  14. bart0
    Hallo, ik heb denk ik drie weken geleden een programma gedownload waarmee je muziek kon downloaden. Toen ik het programma downloadde was er niks aan de hand en enkele dagen later ook nog niet, maar nu, ongeveer een week of twee geleden begon het. In mijn standaard browser (google chrome), startte naast de door mij ingestelde opstartpagina's, nog een andere site op (http://www.delta-search.com/) Later gaf google chrome aan dat deze site een malware site was en of je door wilde gaan, dit deed ik uiteraard niet. 2 dagen later kwam er naast de door mij niet ingestelde opstartsite nog een andere site bij. Weer wat later (nu dus) is de eerste site (die werd gedecteerd door google weer verdwenen en wordt dus ook niet meer opgestart) en is er nog maar een site die verschijnt bij het opstarten (http://searchou.com/?id=e4547e760000000000000017c458ce10) Ik heb het programma nog niet verwijderd, want weet niet of het dan nog mogelijk is om andere verborgen bestanden te verwijderen. Ik ben bang dat ik malware op mijn computer heb en ik hoop dat jullie mij kunnen helpen met het verwijderen ervan. Alvast super bedankt!!! P.s. Ik zag dat andere allemaal een hijack-bestand moesten sturen, dus die heb ik er alvast bij gezet: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:56:04, on 16-4-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Livedrive\Livedrive.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Bart\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files\Industriya\privitize\1.8.16.22\bh\privitize.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\LivedriveExplorerExtensions.dll O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe" /setup O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe O4 - HKCU\..\Run: [spotify] "C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [b89371320B2EE11FC054C53F0A75C821DF3B361D._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://navigram.com/engine/v1140/Navigram.cab O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\magnipic\sprote~1.dll O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- End of file - 10324 bytes
  15. bart0
    Ik weet echt niet hoe ik jullie moet bedanken. Ik ben echt heel erg blij dat text enhange nu weg is, want ik vond het echt heel irritant. Bedankt!
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.