Posts made by bart0
-
Mac specifications:
- OS X El Capitan (version 10.11.1)
- MacBook Pro (Retina, 15-inch, Late 2013)
- Processor 2 GHz Intel Core i7
- Memory 16 GB 1600 MHz DDR3
- Startup disk Macintosh HD
- Graphics card Intel Iris Pro 1536 MB
Storage:
MacinTosh 249.78 GB
- Applications: 21.08 GB
- Photos 102.41 GB
- Audio 2.96 GB
- Movies 40.73 GB
- Other 82.6 GB
- Still available 0 GB
Every time I clean up the computer, it is full again less than a week later, even though few or no files at all have been added. Also, when I 'clean' the storage with the program 'Onyx', 2 GB is free again right away, but two days later that is completely full again too. How is this possible and, more importantly, how can I prevent it?
-
It is behaving well
Thanks!
-
Hey,
Below are the 2 log files.
I have deleted the HijackThis files that I had to delete, but the last one you gave me was not deleted right away. After a few attempts it was deleted.
Thanks in advance
Regards,
Bart
-
Hello,
Lately my computer has been very slow. As far as I know, I have only one virus scanner. The hard drive is nowhere near full. A while back I did have trouble with malware, but that was also solved thanks to you. I hope you can help me fix my slow computer, because it is driving me crazy...
Thanks in advance,
Regards,
Bart
-
Hello Mako,
I have no more problems.
Really, thank you very much for all your help and patience!
I am really very grateful to you for it!
Thanks!
Regards,
Bart
-
Hello Mako,
I am very glad that the log looked good.
I had already been using the program you mentioned (Malwarebytes Anti-Malware) as a virus scanner lately. The first few times it did report some infected files (I used a full scan then). I have since removed those infections, and when I scanned just now (with a quick scan) it no longer reported any infected files.
The attachment contains all the log files (4 in total) from the program.
Regards,
Bart
P.S. Since I have/had malware on my computer, is it wise to change all my passwords? And are there other things I should or should not do?
mbam-log-2013-04-10 (22-52-19).txt
mbam-log-2013-04-14 (19-32-17).txt
-
Hello Mako,
Thanks for your quick reply. I have since run it and the log file is in the attachment.
Regards,
Bart
-
Hello Mako,
You wrote 'Now copy the code below from the attached file into the large input window:', but which code exactly do you mean? Because there is no attachment (or I overlooked it), or do you mean the code from your message of 18 April?
Regards,
Bart
-
Hello Mako,
In the attachment you will find the log file. I should mention that I accidentally entered the code the first time without having ticked restore point; I hope this is not a problem.
Furthermore, when removing the specified programs I got the message:
Er is een foutopgetreden tijdens het verwijderen van BrowserProtect. Het is mogelijk aleerder verwijderd.
Wilt uBrowserProtect uit de lijst met Programma's en onderdelen verwijderen?
Once again, thank you very much in advance for your help!
Regards,
Bart
-
Hello Mako,
Below is the file I had to send.
I hope you can help me further again.
Should I already remove the downloaded program after which the problems started, or is that not (yet) necessary?
Once again, thank you sooooo much!!!
Regards,
Bart
Zoek.exe Version 4.0.0.2 Updated 15-April-2013
Tool run by Bart on wo 17-04-2013 at 21:43:47,52.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B036AE61-D84B-4457-96A2-84B0A925E900} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Windows\system32\schtasks.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Livedrive\VSSService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Livedrive\Livedrive.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Bart\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserProtect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-
==== Deleting Files \ Folders ======================
"C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted
"C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not deleted
"C:\ProgramData\MyaagniPPicc" deleted
"C:\Program Files\Delta" deleted
"C:\Program Files\Common Files\DVDVideoSoft\bin" deleted
"C:\Program Files\Industriya" deleted
"C:\Users\Bart\AppData\Roaming\Industriya" deleted
"C:\Users\Bart\AppData\Roaming\BabSolution" deleted
"C:\Users\Bart\AppData\Roaming\Babylon" deleted
"C:\Users\Bart\AppData\Roaming\Delta" deleted
"C:\Users\Bart\AppData\Roaming\OpenCandy" deleted
"C:\ProgramData\BrowserProtect" not deleted
"C:\ProgramData\CLSoft LTD" deleted
"C:\ProgramData\InstallMate" deleted
"C:\ProgramData\Premium" deleted
"C:\ProgramData\Babylon" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyaagniPPicc" deleted
"C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect" deleted
"C:\Users\Bart\AppData\Local\PackageAware" deleted
"C:\Windows\System32\searchplugins" deleted
"C:\Windows\System32\Extensions" deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components" not deleted
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content" not deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Bart\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-04-14 17:21:01 2E56BA5BC215B2AED2B790D42D8C1739 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-14 17:21:00 507183B4FCB535A7A973427D1F367CA8 420864 ----a-w- C:\Windows\System32\vbscript.dll
2013-04-14 17:21:00 4BE468D2EE9CC59CB8F666949CD37CD5 65024 ----a-w- C:\Windows\System32\jsproxy.dll
2013-04-14 17:21:00 40169F9AE27BB73F2CB8C7D11A7A2AC2 73216 ----a-w- C:\Windows\System32\mshtmled.dll
2013-04-14 17:20:59 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-04-14 17:20:59 C720BD3BDE2C9A1BFC4476F6D3A4B64D 176640 ----a-w- C:\Windows\System32\ieui.dll
2013-04-14 17:20:58 C5B6468422DB1C8AA36C32CBB0197E5E 1129472 ----a-w- C:\Windows\System32\wininet.dll
2013-04-14 17:20:58 9DE04A790F697432871E88BB77EEBCF5 607744 ----a-w- C:\Windows\System32\msfeeds.dll
2013-04-14 17:20:58 26DB6CB9BC434ABA1169B3051E6AB4F2 717824 ----a-w- C:\Windows\System32\jscript.dll
2013-04-14 17:20:57 7E6052699CAF18ADEDD846D44ECCE81F 1800704 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-14 17:20:57 69EDE878C3891E7796D46B7E552330B1 231936 ----a-w- C:\Windows\System32\url.dll
2013-04-14 17:20:56 9BDDA34DC4890169DE5BA21134B33EFB 1796096 ----a-w- C:\Windows\System32\iertutil.dll
2013-04-14 17:20:55 4E7F83E1F6AEFA38E270EA7353D6911E 1104384 ----a-w- C:\Windows\System32\urlmon.dll
2013-04-14 17:20:54 CA78BA218B423C7F22B14906308B8B02 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-04-14 17:20:53 658EBC74BD38D16805648C4775F7FA82 12324352 ----a-w- C:\Windows\System32\mshtml.dll
2013-04-14 17:20:52 DFE118C95C6571B87D1923DAB3FA0A77 9738752 ----a-w- C:\Windows\System32\ieframe.dll
2013-04-10 19:50:48 6FCC2090F055F5C96236DCD057DD705D 2347008 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 19:50:43 80A652978002318C9723D43CFA618816 3916632 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 19:50:43 3DFCBEEE97DF8BBAA749CAACFC9C43E1 3972440 ----a-w- C:\Windows\System32\ntkrnlpa.exe
2013-04-10 19:50:42 47C2D6C4F7080A9D67259E83A617B08D 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2013-04-10 19:50:42 0106C36DFF51A161DB4C34C4C14ECC41 29696 ----a-w- C:\Windows\System32\appidsvc.dll
2013-04-10 19:50:41 DE91DCC7BC55E940979097E98F743205 69632 ----a-w- C:\Windows\System32\smss.exe
2013-04-10 19:50:41 5B7C7A3C706A90FBCCC319ABEFF14F3A 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2013-04-10 19:50:41 23AB7E36551C6BA5370EF7F05142F0EB 38912 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 19:50:41 0624CB85816C748DA16DB347FCF3352F 50688 ----a-w- C:\Windows\System32\appidapi.dll
2013-04-10 19:50:34 0B7E6782CCC28D1068E267554B566A60 3218432 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-10 19:50:33 3E675B1FB08210BE724E79D7D1DA4D79 131584 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-10 19:50:33 162F39D5C94A807296EC4B46D0C7A9CB 36864 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-10 19:50:33 064C778BFF3A323645F73FB09625905A 223744 ----a-w- C:\Windows\System32\wksprt.exe
2013-04-10 19:50:33 04FF24D66412FC1072F8D0B7CB83BCF5 1051136 ----a-w- C:\Windows\System32\mstsc.exe
2013-04-09 15:31:23 0FECB3FB879F3ED7AB5BB878D947E87A 225280 ----a-w- C:\Windows\System32\rewire.dll
2013-04-09 15:31:07 9033DAF3277F0498BC86C8D4566C25CE 1554944 ----a-w- C:\Windows\System32\vorbis.acm
====== C:\Windows\system32\drivers =====
2013-04-10 20:47:38 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-10 19:50:46 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 19:50:42 8FF93E6F3894067000986599E96012CF 50176 ----a-w- C:\Windows\System32\drivers\appid.sys
2013-04-10 19:50:16 BDC9CE1B497B6C266ED70E3D34184F40 1213272 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-03-26 15:39:12 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-04-10 20:48:25 -------- d-----w- C:\Program Files\Trend Micro
2013-04-09 16:07:05 -------- d-----w- C:\Program Files\ASIO4ALL v2
2013-04-09 15:31:23 -------- d-----w- C:\Program Files\VstPlugins
2013-04-09 15:31:02 -------- d-----w- C:\Program Files\Outsim
2013-04-09 15:25:47 -------- d-----w- C:\Program Files\Image-Line
2013-04-09 15:16:40 -------- d-----w- C:\Program Files\Plugin
2013-04-09 15:16:20 -------- d-----w- C:\Program Files\MagniPic
2013-04-02 14:16:50 -------- d-----w- C:\Program Files\Spotydl
======= C: =====
====== C:\Users\Bart\AppData\Roaming ======
2013-04-09 16:07:05 -------- d-----w- C:\users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2013-04-02 14:18:43 -------- d-----w- C:\users\Bart\AppData\Local\Bundled software uninstaller
2013-04-02 14:17:05 -------- d-----w- C:\users\Bart\AppData\Roaming\Spotydl
2013-03-20 16:11:27 -------- d-----w- C:\users\Bart\AppData\Local\Spotify
2013-03-20 16:11:02 -------- d-----w- C:\users\Bart\AppData\Roaming\Spotify
====== C:\Users\Bart ======
2013-04-16 16:58:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Bart\11782303.cvr
2013-04-09 15:31:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2013-04-02 14:18:42 -------- d-----w- C:\ProgramData\BrowserProtect
2013-04-02 14:17:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
====== C: exe-files ==
2013-04-16 15:58:43 F456E0CEE6A1BEE196C42A0B48FD11E2 77128 ----a-w- C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0WKUILP\SetupAdmin[1].exe
2013-04-16 15:58:43 F456E0CEE6A1BEE196C42A0B48FD11E2 77128 ----a-w- C:\ProgramData\Apple\Installer Cache\iCloud Control Panel 2.1.2.8\SetupAdmin.exe
2013-04-14 17:20:56 32732CEDE2A1106B736EF3D84054EE04 757376 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-04-10 20:52:10 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\WSCTool.exe
2013-04-10 20:52:09 F3C17AF5E896B57EBE35F01AEE3A9F7E 159464 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\InstallSettingMigrate.exe
2013-04-10 20:52:09 B2A167A07D0662236D8EF62382906B9C 497304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\InstallUCWrapper.exe
2013-04-10 20:52:09 6A942B9FC6157B7CCFAAF38CC0D0FC44 2223584 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TisEzIns.exe
2013-04-10 20:52:09 62599DCCB5EE66F5F94E76DE34CE420A 295424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TiPatch.exe
2013-04-10 20:52:09 08202704062E8DD8ED5E60545408A1B4 316024 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TiPreAU.exe
2013-04-10 20:52:04 9124DDBBC48BD623029A76C09B67D23B 192424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\TMSToolEx.exe
2013-04-10 20:52:04 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\WSCTool.exe
2013-04-10 20:52:03 B78FF5B2E79EC5CE238596383D2B6D11 3492544 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\SupportTool.exe
2013-04-10 20:51:59 6E5C18D0C98333DC16B29AD26C60F49E 1959904 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\setup.exe
2013-04-10 20:51:16 A4BB970D51FF548864AEBB850C830EDB 217144 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2013-04-10 20:51:16 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2013-04-10 20:51:15 9AAE82DBDBE99EDECE53E1B9E48721E8 625024 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2013-04-10 20:51:15 7F9454A776CA6BFB655D8F49CA6110F6 133456 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2013-04-10 20:51:15 41B63501ADA84FFFCCC0DB7E2B80B7F3 479536 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2013-04-10 20:51:15 102596AFB271F540E0C77C3634775FE6 1374864 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2013-04-10 20:51:14 FC1BD22EA4A0E04D5430D0C34AD245E3 122384 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2013-04-10 20:51:14 F26C4F4B9128AFE6522D07160D1D9BA9 241864 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1703v0.0.0l1p1r1o1\UfIfAvIm.exe
2013-04-10 20:51:14 780AEC23F2A36521CC0C33F4FCCBBFEB 40056 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2013-04-10 20:51:14 6C15AA98FDD8731CE9560A36F5771986 1035736 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2013-04-10 20:51:14 40102E21AF66C3617BF9CDAFE3D42B7B 324264 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2013-04-10 20:51:14 2E088D9D545AFD4A4FECA1D08D7E3E13 39984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2013-04-10 20:51:14 2989E0FD82B9BD0B6BFB7B09C20E245A 192424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2013-04-10 20:51:13 F176291A59D0518A850D607E4A8880EF 381944 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2013-04-10 20:51:13 85A2488E78A4EADF0AFA8F8174BEC489 122384 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2013-04-10 20:51:13 53E46968985308CA81601CD8185E8801 68824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2013-04-10 20:51:13 43E2B963DF6BBF43CFE4A2D48D329472 340744 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2013-04-10 20:51:12 F746894E3C713B8C9F8E647292F1E111 167704 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2013-04-10 20:51:12 6F335706463254CC016590C39ABD4BEB 262464 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2013-04-10 20:51:12 63B272259EE49FECADDB8019FF74D0C8 1016424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2013-04-10 20:51:12 310DE5B33C3EFD7443D8CCE27FE2E449 303664 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2013-04-10 20:51:11 63DC34F8620723A713B3FFE6FD9A6470 112824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2013-04-10 20:51:11 60B028274D438E982AE5EE8303CFF574 68824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2013-04-10 20:48:33 783CF19637B70F3B7BF4BA201A305CBC 67120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1094\TmExtIns.exe
2013-04-10 20:48:33 783CF19637B70F3B7BF4BA201A305CBC 67120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1093\TmExtIns.exe
2013-04-10 20:48:33 6936B0F88764C7996582F57B42305C72 188304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\utilRollback.exe
2013-04-10 20:48:33 413DBD496EF19DBD588C79887B7156C3 71216 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.0.1170\TmopExtIns.exe
2013-04-10 20:48:32 F52603B708438E39FF38475807A01CBC 221264 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\coreServiceShell.exe
2013-04-10 20:48:32 8A199030ABA071199C11BB9544D64690 26128 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.6.1018\DREBoot.exe
2013-04-10 20:48:32 533DFD7D7320EF9FDB20FDE5C8B6A408 121360 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2013-04-10 20:46:41 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Bart\Downloads\mbam-setup-1.75.0.1300.exe
2013-04-10 20:45:22 7F0BB7B4AB781BDF7912AF3BB394A072 6160960 ----a-w- C:\Users\Bart\Downloads\Ti_60_PR_SIA_EWEB.exe
2013-04-10 19:54:18 AA964645D3A987CA87186A36DFFBF28D 5677408 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.64\26.0.1410.64_26.0.1410.43_chrome_updater.exe
=== C: other files ==
2013-04-10 20:52:01 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_systeminfo.bat
2013-04-10 20:52:01 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\ForceRemove.bat
2013-04-10 20:52:01 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\mk_debug_dir.bat
2013-04-10 20:52:00 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_processes_list.bat
2013-04-10 20:52:00 6CC6C743FAFAC589BBFEBB86DB6ADC7B 3477 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\AMSPForceRemove.bat
2013-04-10 20:52:00 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_registry.bat
2013-04-10 20:52:00 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_copy_config.bat
2013-04-10 20:52:00 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_ipconfig.bat
2013-04-10 20:52:00 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_folder_tree.bat
2013-04-10 20:50:44 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2013-04-10 20:50:44 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2013-04-10 20:50:44 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2013-04-10 20:50:44 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2013-04-10 20:50:44 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2013-04-10 20:50:44 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2013-04-10 20:50:44 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2013-04-10 20:50:44 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2013-04-10 20:50:43 6CC6C743FAFAC589BBFEBB86DB6ADC7B 3477 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2013-04-10 20:49:05 4EA7AD2C5B743F48ECFF282BBC62D076 152176 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\7.5.1107\chrome_tmbep.crx
2013-04-10 20:49:04 9BCCA50CD9F8DD5AFF4C5108F04FA7BE 56632 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.0.1169\tmusa.sys
2013-04-10 20:49:04 63828FBD740F178DE2E2D42C3136FDEE 75624 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmevtmgr.sys
2013-04-10 20:49:04 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2013-04-10 20:49:04 211EA740D2EB1A26AE098D1DD1518098 28056 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959815l1p1r1o1\1.0.1014\tmel.sys
2013-04-10 20:49:04 0C40396F071A8092964C8DC951F62B17 171064 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\1.5.1012\tmnciesc.sys
2013-04-10 20:49:03 D0B08F941C0B06846533C6A38DD09B22 94200 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmactmon.sys
2013-04-10 20:49:03 B966E2400AB813527F656759C9C03A89 38328 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.0.1023\TMEBC32.sys
2013-04-10 20:49:03 7AC66D3A5BA87C6CD16B457A3786DF64 90808 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1104\tmeext.sys
2013-04-10 20:49:03 2A61B4210D92D17F0E3E13CC6B908662 84792 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1104\tmeevw.sys
2013-04-10 20:49:03 0C9ACEF23B537D6E8B1373C98D066B1C 257928 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmcomm.sys
2013-04-10 20:48:27 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2013-04-10 20:48:27 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
2013-04-10 20:48:26 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2013-04-10 20:48:26 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_registry.bat
2013-04-10 20:48:26 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2013-04-10 20:48:26 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2013-04-10 20:47:38 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Livedrive"="C:\Program Files\Livedrive\Livedrive.exe /setup"
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"com.apple.dav.bookmarks.daemon"="C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"
"Spotify"="C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScanUtility"="C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RIMBBLaunchAgent.exe"="C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Livedrive"="C:\Program Files\Livedrive\Livedrive.exe /setup"
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"com.apple.dav.bookmarks.daemon"="C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"
"Spotify"="C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"
==== Startup Folders ======================
2012-12-02 20:34:58 1162 ----a-w- C:\users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
2012-12-14 23:48:48 1995 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2013 18:57]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-12-2012 21:31]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undertermined Task]
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[04-03-2013 14:32]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[01-12-2012 12:22]
Google Search - Bart - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Bart - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://searchou.com/?id=e4547e760000000000000017c458ce10"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{B036AE61-D84B-4457-96A2-84B0A925E900}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B036AE61-D84B-4457-96A2-84B0A925E900}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=E4540017C458CE10"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
==== Uninstall List x86 ======================
Aangifte inkomstenbelasting 2012 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2012]
Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}]
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]
ASIO4ALL [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASIO4ALL]
BlackBerry Desktop Software 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}]
BlackBerry Desktop Software 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlackBerry_Desktop]
Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}]
BrowserProtect [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
Bundled software uninstaller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller]
Canon IJ Network Scan Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_Scan_UTILITY]
Canon IJ Network Tool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_UTILITY]
Canon MP Navigator EX 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MP Navigator EX 2.0]
Canon MP980 series MP Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series]
Canon My Printer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CanonMyPrinter]
Delta Chrome Toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
Delta toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta]
Fences [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{10CD364B-FFCC-48BE-B469-B9622A033075}]
Fences [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fences]
Free Studio version 5.8.0.1201 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Studio_is1]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google SketchUp 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13FE3480-9E41-48C0-930F-BFC0767CC340}]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{925F1DB6-E86E-4378-9091-D1F68B0583C9}]
Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]
iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47C6C88F-FA95-49C8-B57D-5C5F093738E1}]
Java 7 Update 17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
KeePass Password Safe 1.25 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KeePass Password Safe_is1]
Livedrive [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4975D666-729A-46A5-8C80-1F022AD43543}]
MagniPic [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E711FC96-C539-4F89-AD62-8D1B3CF2DE60}]
Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9F612429-4A00-3D44-88CF-146DA2EE1F92}]
Microsoft .NET Framework 4.5 NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{679E0B0A-BB5B-33DD-A697-59EEBF7D01DD}]
Microsoft Office Professional Plus 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office15.PROPLUS]
Microsoft Office Professional Plus 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office15.PROPLUSR]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0FE0292-D3BE-3447-80F2-72E032A54875}]
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)]
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8CA0ED6-DE91-3F49-B66E-E44306B8E453}]
Mobile Mouse Server [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{895FE43E-71C2-4FEA-94EF-B88D111495FC}]
Nitro Reader 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2D7C68BA-90B9-46E6-851F-EA9149FEB744}]
Plugin 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F16247B8-CD07-40C4-8C96-FC2568G29E8F}}_is1]
QuickTime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}]
Safari [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C779648B-410E-4BBA-B75B-5815BCEFE71D}]
Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]
Spotydl 0.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotydl_is1]
System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}]
Taalpakket voor Microsoft .NET Framework 4.5 - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043]
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD]
Teach2000 versie 8.53 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Teach2000.7 XP - The Troolean Edition_is1]
toolbar on IE and Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize]
==== Empty IE Cache ======================
C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\users\Bart\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\users\Bart\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Bart\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found
"C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\ProgramData\BrowserProtect" not found
-
No problem, I'll wait patiently.
I'm already very glad that you're willing to help me.
-
Hello,
I think it was three weeks ago that I downloaded a program that lets you download music. When I downloaded the program nothing was wrong, and a few days later still nothing, but now, about a week or two ago, it started.
In my default browser (Google Chrome), in addition to the startup pages I had set, another site started opening (http://www.delta-search.com/).
Later Google Chrome indicated that this site was a malware site and asked whether I wanted to continue, which of course I did not do. Two days later, in addition to the startup site I had not set, another site was added. A while later still (so now), the first site (the one that was detected by Google) has disappeared again and so is no longer opened, and there is only one site left that appears at startup (http://searchou.com/?id=e4547e760000000000000017c458ce10).
I have not removed the program yet, because I don't know whether it will then still be possible to remove other hidden files.
I'm afraid I have malware on my computer and I hope you can help me remove it.
Thanks so much in advance!!!
P.S. I saw that everyone else had to send a HijackThis file, so I've already included it:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:56:04, on 16-4-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Livedrive\Livedrive.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Bart\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files\Industriya\privitize\1.8.16.22\bh\privitize.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\LivedriveExplorerExtensions.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue
O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe" /setup
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
O4 - HKCU\..\Run: [spotify] "C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [b89371320B2EE11FC054C53F0A75C821DF3B361D._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://navigram.com/engine/v1140/Navigram.cab
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\magnipic\sprote~1.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
--
End of file - 10324 bytes
-
I really don't know how to thank you. I'm really very glad that Text Enhance is gone now, because I found it really annoying.
Thank you!
-
It's gone now!
Really, thank you so much!
Regards,
Bart
-
Hello,
Thanks in advance for all the help!
I think it is indeed gone in Internet Explorer, but I mostly use Google Chrome and there it is not gone yet.
I hope you would be willing to help me once more.
Thanks in advance,
Bart
Below you will find the requested log files.
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: v2012.05.23.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Bart :: PC-BART [administrator]
23-5-2012 15:45:31
mbam-log-2012-05-23 (15-45-31).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 196712
Verstreken tijd: 6 minuut/minuten, 18 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 3
C:\Users\Bart\AppData\Local\Temp\is1373634743\IWantThis_ROW.exe (Adware.GamePlayLabs) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Bart\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Bart\Downloads\PDFCreatorSetup.exe (PUP.Adware.InstallCore) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:03:07, on 23-5-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Livedrive\Livedrive.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\LivedriveExplorerExtensions.dll
O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe
--
End of file - 8327 bytes
-
Hello,
I hope you can help me too, because I have the same problem. I have read everything you have written, but I can't figure it out. Below you will find the log file. I really hope you are willing to help me, because I find it really annoying.
Regards, Bart
I mostly use Google Chrome.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:01, on 22-5-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Livedrive\Livedrive.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediBar.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ADDICT-THING - {AA92C6B9-704A-249B-366B-6C71F2BAF5FF} - C:\ProgramData\ADDICT-THING\bhoclass.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\LivedriveExplorerExtensions.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
--
End of file - 9847 bytes
Memory keeps filling up
in Archive Linux, Mac OS & other operating systems
Posted:
I have not updated yet, because that needs a bit more memory to be able to run the download at all. In addition, I got the following report from EtreCheck:
EtreCheck version: 2.9.13 (267)
Report generated 2016-07-11 01:01:57
Download EtreCheck from https://etrecheck.com
Runtime 1:34
Performance: Excellent
Click the [Support] links for help with non-Apple products.
Click the [Details] links for more information about that line.
Problem: Other problem
Hardware Information: ⓘ
MacBook Pro (Retina, 15-inch, Late 2013)
[Technical Specifications] - [User Guide] - [Warranty & Service]
MacBook Pro - model: MacBookPro11,2
1 2 GHz Intel Core i7 CPU: 4-core
16 GB RAM Not upgradeable
BANK 0/DIMM0
8 GB DDR3 1600 MHz ok
BANK 1/DIMM0
8 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en0: 802.11 a/b/g/n/ac
Battery: Health = Normal - Cycle count = 295
Video Information: ⓘ
Intel Iris Pro
Color LCD 2880 x 1800
System Software: ⓘ
OS X El Capitan 10.11.1 (15B42) - Time since boot: less than an hour
Disk Information: ⓘ
APPLE SSD SM0256F disk0 : (251 GB) (Solid State - TRIM: Yes)
EFI (disk0s1) <not mounted> : 210 MB
Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB
Macintosh HD (disk1) / [Startup]: 249.78 GB (4.96 GB free) (Low!)
Encrypted AES-XTS Unlocked
Core Storage: disk0s2 250.14 GB Online
USB Information: ⓘ
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
Thunderbolt Information: ⓘ
Apple Inc. thunderbolt_bus
Gatekeeper: ⓘ
Mac App Store and identified developers
System Launch Agents: ⓘ
[not loaded] 6 Apple tasks
[loaded] 144 Apple tasks
[running] 86 Apple tasks
System Launch Daemons: ⓘ
[not loaded] 43 Apple tasks
[loaded] 141 Apple tasks
[running] 102 Apple tasks
Launch Agents: ⓘ
[not loaded] com.adobe.AAM.Updater-1.0.plist (2015-05-31) [Support]
[running] com.brother.LOGINserver.plist (2014-05-08) [Support]
[loaded] com.google.keystone.agent.plist (2016-03-02) [Support]
[loaded] com.oracle.java.Java-Updater.plist (2014-11-25) [Support]
Launch Daemons: ⓘ
[loaded] com.adobe.SwitchBoard.plist (2015-05-31) [Support]
[loaded] com.adobe.fpsaud.plist (2016-06-13) [Support]
[loaded] com.google.keystone.daemon.plist (2016-03-02) [Support]
[loaded] com.microsoft.autoupdate.helpertool.plist (2016-04-15) [Support]
[loaded] com.microsoft.office.licensing.helper.plist (2010-08-25) [Support]
[loaded] com.microsoft.office.licensingV2.helper.plist (2016-02-12) [Support]
[loaded] com.oracle.java.Helper-Tool.plist (2014-11-25) [Support]
User Launch Agents: ⓘ
[loaded] com.adobe.AAM.Updater-1.0.plist (2015-04-20) [Support]
[loaded] uk.co.markallan.clamxav.clamscan.plist (2016-04-02) [Support]
User Login Items: ⓘ
iTunesHelper Programma (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)
ClamXav Programma Hidden (/Applications/ClamXav.app)
Livedrive Programma (/Applications/Livedrive.app/Contents/Resources/Livedrive.app)
Other Apps: ⓘ
[running] com.brother.utility.NETserver.96352
[running] com.brother.utility.USBserver.95712
[loaded] com.fiplab.MenuTabHelper
[running] com.fiplab.facetab.61152
[running] com.livedrive.Livedriveapp.113632
[loaded] uk.co.markallan.clamxav.54432
[loaded] 376 Apple tasks
[running] 221 Apple tasks
Internet Plug-ins: ⓘ
FlashPlayer-10.6: 22.0.0.192 - SDK 10.9 (2016-07-02) [Support]
QuickTime Plugin: 7.7.3 (2015-11-10)
Flash Player: 22.0.0.192 - SDK 10.9 (2016-07-02) [Support]
AdobePDFViewer: 10.1.1 (2015-05-31) [Support]
EPPEX Plugin: 10.0 (2014-07-06) [Support]
Default Browser: 601 - SDK 10.11 (2015-11-10)
o1dbrowserplugin: 5.41.3.0 - SDK 10.8 (2016-02-22) [Support]
SharePointBrowserPlugin: 14.6.1 - SDK 10.6 (2016-03-05) [Support]
googletalkbrowserplugin: 5.41.3.0 - SDK 10.8 (2015-12-11) [Support]
Silverlight: 5.1.30514.0 - SDK 10.6 (2014-07-25) [Support]
JavaAppletPlugin: Java 8 Update 91 build 14 (2016-04-25) Check version
3rd Party Preference Panes: ⓘ
Flash Player (2016-06-13) [Support]
Java (2016-04-25) [Support]
Time Machine: ⓘ
Skip System Files: NO
Mobile backups: ON
Auto backup: YES
Volumes being backed up:
Macintosh HD: Disk size: 249.78 GB Disk used: 244.81 GB
Destinations:
TimeMachineBackup [Network]
Total size: 726.66 GB
Total number of backups: 24
Oldest backup: 05-03-16 17:46
Last backup: 01-06-16 09:53
Size of backup disk: Too small
Backup size 726.66 GB < (Disk used 244.81 GB X 3)
Top Processes by CPU: ⓘ
49% Livedrive
5% kernel_task
5% WindowServer
2% Mail
1% fontd
Top Processes by Memory: ⓘ
1.07 GB kernel_task
573 MB Livedrive
475 MB softwareupdated
393 MB com.apple.WebKit.WebContent(3)
279 MB mdworker(14)
Virtual Memory Information: ⓘ
7.09 GB Free RAM
8.90 GB Used RAM (3.31 GB Cached)
0 B Swap Used
Diagnostics Information: ⓘ
Jul 11, 2016, 01:00:13 AM /Library/Logs/DiagnosticReports/Livedrive_2016-07-11-010013_[redacted].cpu_resource.diag [Details]
/Applications/Livedrive.app/Contents/Resources/Livedrive.app/Contents/MacOS/Livedrive
Jul 11, 2016, 12:54:45 AM ~/Library/Logs/DiagnosticReports/com.apple.sbd_2016-07-11-005445_[redacted].crash
/System/Library/PrivateFrameworks/CloudServices.framework/Versions/A/XPCServices/com.apple.sbd.xpc/Contents/MacOS/com.apple.sbd
Jul 11, 2016, 12:54:34 AM ~/Library/Logs/DiagnosticReports/com.apple.sbd_2016-07-11-005434_[redacted].crash
Jul 11, 2016, 12:52:57 AM Self test - passed