Erikm
-
Items
61 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Erikm
-
Is goed, dan kan deze op opgelost neem ik aan?
-
Het internet is weer hartstikke traag... Dit is echt niet normaal volgens mij. Als ik soms naar een website ga dan blijft hij soms op dezelfde pagina. Als u niets meer weet misschien even langs Internet & Netwerk? Erik
-
Zo. Alles gedaan. Nog wel even SP1 en updates installeren, en even een admin en gebruikersaccount maken. Ook heb ik nog geen firewall volgens mij. Enig idee voor een goede firewall? Erik
-
Tja... Dan moet ik het er maar mee doen... Toch bedankt voor alle hulp en als die nginx meldingen terugkomen dan meld ik het wel even. Ik moet nog wel de gebruikte programma's opruimen toch? Erik
-
Chrome opnieuw geinstalleerd. De paginas laden (nu) goed, maar wel met enige moeite. Het internet is ook weer redelijk traag . Maar het kan ook aan mijn internetverbinding liggen hoor. Ook als de pagina's laden, zie ik soms onderin het beeld: proxy laden... Moet ik mij daar zorgen over maken? Erik
-
Chrome.
-
Da's mooi. Internet doet het ook weer prima, op 1 ding na: Mijn start-tabbladen laden meestal niet. Als ik hem dan laat ophouden met laden, en het adres zelf intyp, laadt hij wel. Erik
-
Adwcleaner is klaar. Kreeg tijdens het runnen wel een melding van AVG, dat het 'potentieel gevaarlijke beveiligingssoftware was'. Heb Adwcleaner gewoon toegestaan, en hier is de log: # AdwCleaner v1.703 - Logfile created 07/24/2012 at 10:12:51 # Updated 20/07/2012 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : Erik - ERIK-LAPTOP # Running from : C:\Users\Erik\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : vToolbarUpdater11.2.0 ***** [Files / Folders] ***** Folder Deleted : C:\Users\Erik\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Erik\AppData\Local\Babylon Folder Deleted : C:\Users\Erik\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Erik\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Erik\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Erik\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Erik\AppData\LocalLow\Search Settings Folder Deleted : C:\Users\Erik\AppData\LocalLow\SearchquTB Folder Deleted : C:\Users\Erik\AppData\LocalLow\Toolbar4 Folder Deleted : C:\Users\Erik\AppData\Roaming\Babylon Folder Deleted : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\Conduit Folder Deleted : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\ConduitEngine Folder Deleted : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\extensions\ffxtlbr@babylon.com Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\Program Files (x86)\Application Updater Folder Deleted : C:\Program Files (x86)\AVG Secure Search Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\ConduitEngine Folder Deleted : C:\Program Files (x86)\HyperCam Toolbar Folder Deleted : C:\Program Files (x86)\YouTube Downloader Toolbar Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Program Files (x86)\Common Files\spigot File Deleted : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\searchplugins\Askcom.xml File Deleted : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\searchplugins\Conduit.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2680363 [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2865317 Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Somoto Toolbar Key Deleted : HKLM\SOFTWARE\Application Updater Key Deleted : HKLM\SOFTWARE\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\BabylonToolbar Key Deleted : HKLM\SOFTWARE\bandoo Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1 Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\conduitEngine Key Deleted : HKLM\SOFTWARE\DT Soft Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.3 (nl) Profile name : default File : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\prefs.js C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\user.js ... Deleted ! Deleted : user_pref("CT2865317..clientLogIsEnabled", false); Deleted : user_pref("CT2865317..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2865317..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2865317.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2865317.CTID", "CT2865317"); Deleted : user_pref("CT2865317.CurrentServerDate", "30-5-2011"); Deleted : user_pref("CT2865317.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2865317.DownloadReferralCookieData", ""); Deleted : user_pref("CT2865317.EMailNotifierPollDate", "Mon May 30 2011 16:50:15 GMT+0200"); Deleted : user_pref("CT2865317.FeedLastCount5397019970362056034", 139); Deleted : user_pref("CT2865317.FeedPollDate129363015634713160", "Mon May 30 2011 16:50:16 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713166", "Mon May 30 2011 16:50:16 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713172", "Mon May 30 2011 16:50:16 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713178", "Mon May 30 2011 16:50:16 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713184", "Mon May 30 2011 16:50:16 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713190", "Mon May 30 2011 16:50:16 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713196", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713202", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713208", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713214", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CT2865317.FeedPollDate129363015634713220", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CT2865317.FeedTTL129363015634713160", 10); Deleted : user_pref("CT2865317.FeedTTL129363015634713184", 15); Deleted : user_pref("CT2865317.FeedTTL129363015634713196", 5); Deleted : user_pref("CT2865317.FeedTTL129363015634713208", 5); Deleted : user_pref("CT2865317.FirstServerDate", "30-5-2011"); Deleted : user_pref("CT2865317.FirstTime", true); Deleted : user_pref("CT2865317.FirstTimeFF3", true); Deleted : user_pref("CT2865317.FixPageNotFoundErrors", false); Deleted : user_pref("CT2865317.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2865317.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2865317.HasUserGlobalKeys", true); Deleted : user_pref("CT2865317.Initialize", true); Deleted : user_pref("CT2865317.InitializeCommonPrefs", true); Deleted : user_pref("CT2865317.InstallationAndCookieDataSentCount", 1); Deleted : user_pref("CT2865317.InstallationType", "UnknownIntegration"); Deleted : user_pref("CT2865317.InstalledDate", "Mon May 30 2011 16:50:15 GMT+0200"); Deleted : user_pref("CT2865317.IsGrouping", false); Deleted : user_pref("CT2865317.IsMulticommunity", false); Deleted : user_pref("CT2865317.IsOpenThankYouPage", true); Deleted : user_pref("CT2865317.IsOpenUninstallPage", false); Deleted : user_pref("CT2865317.LanguagePackLastCheckTime", "Mon May 30 2011 16:52:20 GMT+0200"); Deleted : user_pref("CT2865317.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2865317.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2865317.LastLogin_3.2.5.2", "Mon May 30 2011 16:50:15 GMT+0200"); Deleted : user_pref("CT2865317.LatestVersion", "3.3.3.2"); Deleted : user_pref("CT2865317.Locale", "nl"); Deleted : user_pref("CT2865317.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2865317.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2865317.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2865317.SavedHomepage", "hxxp://search.conduit.com/?ctid=&SearchSource=13"); Deleted : user_pref("CT2865317.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...] Deleted : user_pref("CT2865317.SearchInNewTabEnabled", true); Deleted : user_pref("CT2865317.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2865317.SearchInNewTabLastCheckTime", "Mon May 30 2011 16:50:15 GMT+0200"); Deleted : user_pref("CT2865317.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2865317.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT2865317.ServiceMapLastCheckTime", "Mon May 30 2011 16:50:13 GMT+0200"); Deleted : user_pref("CT2865317.SettingsLastCheckTime", "Mon May 30 2011 16:50:13 GMT+0200"); Deleted : user_pref("CT2865317.SettingsLastUpdate", "1306530423"); Deleted : user_pref("CT2865317.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2865317.ThirdPartyComponentsLastCheck", "Mon May 30 2011 16:50:13 GMT+0200"); Deleted : user_pref("CT2865317.ThirdPartyComponentsLastUpdate", "1256026239"); Deleted : user_pref("CT2865317.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Deleted : user_pref("CT2865317.UserID", "UN73184184613982564"); Deleted : user_pref("CT2865317.WeatherNetwork", ""); Deleted : user_pref("CT2865317.WeatherPollDate", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CT2865317.WeatherUnit", "C"); Deleted : user_pref("CT2865317.alertChannelId", "1257316"); Deleted : user_pref("CT2865317.backendstorage.enableinj", ""); Deleted : user_pref("CT2865317.myStuffEnabled", true); Deleted : user_pref("CT2865317.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2865317.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2865317.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2865317.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2865317.testingCtid", ""); Deleted : user_pref("CT2865317.toolbarAppMetaDataLastCheckTime", "Mon May 30 2011 16:50:15 GMT+0200"); Deleted : user_pref("CT2865317.toolbarContextMenuLastCheckTime", "Mon May 30 2011 16:50:17 GMT+0200"); Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1257316/1252989/NL", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/NL", "\"0\"")[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2865317", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63441682370827[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2865317/CT2865317[...] Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2865317"); Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{87775fdb-6972-41f9-ae51-8326e38cb206}"); Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_nl"); Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2865317"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{87775fdb-6972-41f9-ae51-8326e38cb206}"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar_nl"); Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2865317"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2865317"); Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon May 30 2011 16:50:15 GMT+0200"); Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.locale", "en"); Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon May 30 2011 16:50:12 GMT+0200"); Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.alert.userId", "08477866-cd7b-40cb-b614-5159c465ef2c"); Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon May 30 2011 16:50:19 GMT+0200"); Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2865317"); Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine"); Deleted : user_pref("ConduitEngine.FirstServerDate", "05/30/2011 17"); Deleted : user_pref("ConduitEngine.FirstTime", true); Deleted : user_pref("ConduitEngine.FirstTimeFF3", true); Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false); Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true); Deleted : user_pref("ConduitEngine.Initialize", true); Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true); Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration"); Deleted : user_pref("ConduitEngine.InstalledDate", "Mon May 30 2011 16:50:13 GMT+0200"); Deleted : user_pref("ConduitEngine.IsMulticommunity", false); Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false); Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false); Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon May 30 2011 16:50:14 GMT+0200"); Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon May 30 2011 16:50:14 GMT+0200"); Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0); Deleted : user_pref("ConduitEngine.SavedHomepage", "hxxp://www.searchqu.com/"); Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...] Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon May 30 2011 16:50:13 GMT+0200"); Deleted : user_pref("ConduitEngine.UserID", "UN84534695647900489"); Deleted : user_pref("ConduitEngine.engineLocale", "nl"); Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon May 30 2011 16:50:14 GMT+0200"); Deleted : user_pref("ConduitEngine.initDone", true); Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_NL Customized Web Search"); Deleted : user_pref("browser.search.order.1", "Ask.com"); Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search"); -\\ Google Chrome v20.0.1132.57 File : C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [31385 octets] - [24/07/2012 10:12:51] ########## EOF - C:\AdwCleaner[s1].txt - [31514 octets] ##########
-
Alles lijkt mij in orde, nog even twee dingen: 1: Ik had laatst ook last van het 'politievirus', heb hem weg weten te krijgen met systeemherstel. Kan ik er zeker van zijn dat hier geen sporen meer van zijn? 2: Ik heb de Conduit Engine op mijn pc, schijnt een vervelend programmatje te zijn. Kan hem niet weg krijgen via de deinstalleer programma's optie van CCleaner. Ideeen om deze weg te krijgen? Alvast bedankt, Erik
-
Internet gaat weer prima op dit moment... Maar dat was vanmiddag ook al zo. Dus even afwachten. Over RGSClauncher, dat lijkt met niet zo'n probleem. Rockstar Games Social Club doet het ook normaal. Erik
-
Na het herstarten van de pc kreeg ik een melding van Windows, dat RGSClauncher.exe (ofzo, weet de precieze naam niet meer) een fout had, en dat ik op ok moest klikken om de toepassing te beeindigen. Heb op ok geklikt, en niets meer van gehoord. RGSClauncher.exe hoort volgens mij bij de Rockstar Games Social Club, dus dat lijkt me geen probleem. Erik
-
Blijkbaar ging ComboFix nog door. Hij heeft weer een log geproduceerd, dus mijn vorige post is overbodig. Hierbij de log: ComboFix 12-07-21.01 - Erik 23-07-2012 18:57:21.4.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4092.2548 [GMT 2:00] Gestart vanuit: c:\users\Erik\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Erik\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\adawaretb c:\program files (x86)\adawaretb\adawareDx.dll c:\program files (x86)\adawaretb\adawaretb.dll c:\program files (x86)\adawaretb\adawaretb.xml c:\program files (x86)\adawaretb\chrome\content\custom.js c:\program files (x86)\adawaretb\chrome\content\lib\about.xml c:\program files (x86)\adawaretb\chrome\content\lib\dtxpanel.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxpaneltransparent.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxpanelwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxprefwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxtransparentwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\emailnotifierproviders.xml c:\program files (x86)\adawaretb\chrome\content\lib\external.js c:\program files (x86)\adawaretb\chrome\content\lib\neterror.xhtml c:\program files (x86)\adawaretb\chrome\content\lib\rsspreview.html c:\program files (x86)\adawaretb\chrome\content\lib\rsswin.xml c:\program files (x86)\adawaretb\chrome\content\lib\rsswin.xsl c:\program files (x86)\adawaretb\chrome\content\modules\datastore.jsm c:\program files (x86)\adawaretb\chrome\content\modules\nsDragAndDrop.js c:\program files (x86)\adawaretb\chrome\content\newtab\images\bullet.gif c:\program files (x86)\adawaretb\chrome\content\newtab\images\field_bg.gif c:\program files (x86)\adawaretb\chrome\content\newtab\images\powered_by_yahoo.gif c:\program files (x86)\adawaretb\chrome\content\newtab\newtab.html c:\program files (x86)\adawaretb\chrome\content\preferences.xml c:\program files (x86)\adawaretb\chrome\content\toolbar.htm c:\program files (x86)\adawaretb\chrome\content\toolbar.xul c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\ClearBrowserDataDialog.xml c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\tb_icon.png c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.js c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.xml c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\tb_icon.png c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.js c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.xml c:\program files (x86)\adawaretb\chrome\data\search\engines.xml c:\program files (x86)\adawaretb\chrome\data\search\search.xsl c:\program files (x86)\adawaretb\chrome\locale\lib\de.js c:\program files (x86)\adawaretb\chrome\locale\lib\en.js c:\program files (x86)\adawaretb\chrome\locale\lib\es.js c:\program files (x86)\adawaretb\chrome\locale\lib\fr.js c:\program files (x86)\adawaretb\chrome\locale\lib\it.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\de.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\en.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\es.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\fr.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\it.js c:\program files (x86)\adawaretb\chrome\skin\blekko16.png c:\program files (x86)\adawaretb\chrome\skin\bluelite.gif c:\program files (x86)\adawaretb\chrome\skin\bluesky.gif c:\program files (x86)\adawaretb\chrome\skin\btn-safe-de.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-en.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-es.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-fr.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-it.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-de.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-en.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-es.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-fr.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-it.png c:\program files (x86)\adawaretb\chrome\skin\btn-settings-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-settings.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-de.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-en.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-es.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-fr.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-it.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe.png c:\program files (x86)\adawaretb\chrome\skin\custom.css c:\program files (x86)\adawaretb\chrome\skin\dictionary.png c:\program files (x86)\adawaretb\chrome\skin\downloadcom.png c:\program files (x86)\adawaretb\chrome\skin\facebook.png c:\program files (x86)\adawaretb\chrome\skin\games.png c:\program files (x86)\adawaretb\chrome\skin\grey.gif c:\program files (x86)\adawaretb\chrome\skin\ico-cleaner.png c:\program files (x86)\adawaretb\chrome\skin\ico-clear.png c:\program files (x86)\adawaretb\chrome\skin\images.png c:\program files (x86)\adawaretb\chrome\skin\lib\add.png c:\program files (x86)\adawaretb\chrome\skin\lib\aol.png c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-dn.gif c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-right-disabled.gif c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-right.gif c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-up.gif c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-end.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-mdl_ff.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-start.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-end.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-mdl_ff.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-start.png c:\program files (x86)\adawaretb\chrome\skin\lib\blank.gif c:\program files (x86)\adawaretb\chrome\skin\lib\btnback-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnback-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnleft-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnleft-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnright-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnright-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\button-splitter-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\button-splitter-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\checkmark.png c:\program files (x86)\adawaretb\chrome\skin\lib\chevron.png c:\program files (x86)\adawaretb\chrome\skin\lib\collapse.png c:\program files (x86)\adawaretb\chrome\skin\lib\comcast.png c:\program files (x86)\adawaretb\chrome\skin\lib\dtx.css c:\program files (x86)\adawaretb\chrome\skin\lib\edit-back-hot.png c:\program files (x86)\adawaretb\chrome\skin\lib\edit-back.png c:\program files (x86)\adawaretb\chrome\skin\lib\expand.png c:\program files (x86)\adawaretb\chrome\skin\lib\found.png c:\program files (x86)\adawaretb\chrome\skin\lib\gmail.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_blue.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_cyan.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_lime.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_magenta.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_yellow.png c:\program files (x86)\adawaretb\chrome\skin\lib\hotmail.png c:\program files (x86)\adawaretb\chrome\skin\lib\imap.png c:\program files (x86)\adawaretb\chrome\skin\lib\lastsearch-thumb-back.gif c:\program files (x86)\adawaretb\chrome\skin\lib\loadingMid.gif c:\program files (x86)\adawaretb\chrome\skin\lib\lock.png c:\program files (x86)\adawaretb\chrome\skin\lib\mailcom.png c:\program files (x86)\adawaretb\chrome\skin\lib\menu_bg-basic.png c:\program files (x86)\adawaretb\chrome\skin\lib\menu_separator_bar.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitem-splitter.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemback-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemback-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemleft-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemleft-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemright-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemright-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\modify.png c:\program files (x86)\adawaretb\chrome\skin\lib\move.gif c:\program files (x86)\adawaretb\chrome\skin\lib\movetarget.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\css\popupAbout.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\css\popupWidgets.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\css\dialog.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\bg.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\btn-wide-close-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\btn-wide-close.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\default.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\transparent.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-right-resize.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\main.html c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\scripts\defscript.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-sml-drop.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-sml.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrowr-bluew5.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-aboutbox.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-btnover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-pnl520x390.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-addtoolbar-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-addtoolbar-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close-grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close-greyover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-drag.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-mdl-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-next-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-next.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-previous-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-previous.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-right-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-search-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\gamethumb-on.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-calendar.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-download.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-tags.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\icon-Add.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\icon-Info.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\menul-bgon.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\menul-bgover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\panel-botm-noscroll.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scroll-bg-206.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scroll-bg.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scroll-topwin.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb-disable.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb-down.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt-disable.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt-down.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\searchbox-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\star_x_grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\star_x_orange.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\TRUSTe_about.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-detailed-on.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-detailed-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-thumb-on.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-thumb-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\widgets-square-16px.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\widgets-square-24px.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\popupWidgets.html c:\program files (x86)\adawaretb\chrome\skin\lib\pop.png c:\program files (x86)\adawaretb\chrome\skin\lib\radio.png c:\program files (x86)\adawaretb\chrome\skin\lib\reload.png c:\program files (x86)\adawaretb\chrome\skin\lib\remove.png c:\program files (x86)\adawaretb\chrome\skin\lib\rename.gif c:\program files (x86)\adawaretb\chrome\skin\lib\resize-box.gif c:\program files (x86)\adawaretb\chrome\skin\lib\rss.png c:\program files (x86)\adawaretb\chrome\skin\lib\rsschannelback.png c:\program files (x86)\adawaretb\chrome\skin\lib\RSSLogo.png c:\program files (x86)\adawaretb\chrome\skin\lib\rsstabdivider.gif c:\program files (x86)\adawaretb\chrome\skin\lib\scroll-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\scroll-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\search-go.png c:\program files (x86)\adawaretb\chrome\skin\lib\search.png c:\program files (x86)\adawaretb\chrome\skin\lib\text-ellipsis.xml c:\program files (x86)\adawaretb\chrome\skin\lib\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\lib\toolbarsplitter.gif c:\program files (x86)\adawaretb\chrome\skin\lib\transparent_1px.gif c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_02.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_03.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_04.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_06.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_07.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_08.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_09.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_10.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_11.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_12.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_13.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_14.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_15.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_16.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_18.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_19.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_20.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_21.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\btn-close-grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\btn-close-greyover.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\close-hot.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\close-normal.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\loadingMid.gif c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\paneltemplate.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\proxy.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\template.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\template.xml c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\templateFF.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\cond999.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\icons.xml c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\na-s.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\na.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\weather.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\add.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\program files (x86)\adawaretb\chrome\skin\lib\yahoo.png c:\program files (x86)\adawaretb\chrome\skin\lichen.gif c:\program files (x86)\adawaretb\chrome\skin\logo-about.png c:\program files (x86)\adawaretb\chrome\skin\logo.png c:\program files (x86)\adawaretb\chrome\skin\modify-save.png c:\program files (x86)\adawaretb\chrome\skin\modify.png c:\program files (x86)\adawaretb\chrome\skin\music.png c:\program files (x86)\adawaretb\chrome\skin\news.png c:\program files (x86)\adawaretb\chrome\skin\options\options-main.png c:\program files (x86)\adawaretb\chrome\skin\options\options-search.png c:\program files (x86)\adawaretb\chrome\skin\options\options-weather.png c:\program files (x86)\adawaretb\chrome\skin\options\options-widgets.png c:\program files (x86)\adawaretb\chrome\skin\orange.gif c:\program files (x86)\adawaretb\chrome\skin\search-background.png c:\program files (x86)\adawaretb\chrome\skin\shopping.png c:\program files (x86)\adawaretb\chrome\skin\skin-bluelite.png c:\program files (x86)\adawaretb\chrome\skin\skin-bluesky.png c:\program files (x86)\adawaretb\chrome\skin\skin-grey.png c:\program files (x86)\adawaretb\chrome\skin\skin-lichen.png c:\program files (x86)\adawaretb\chrome\skin\skin-orange.png c:\program files (x86)\adawaretb\chrome\skin\skin-yellow.png c:\program files (x86)\adawaretb\chrome\skin\technorati.png c:\program files (x86)\adawaretb\chrome\skin\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\toolbarsplitter.png c:\program files (x86)\adawaretb\chrome\skin\web.png c:\program files (x86)\adawaretb\chrome\skin\wikipedia.png c:\program files (x86)\adawaretb\chrome\skin\yellow.gif c:\program files (x86)\adawaretb\chrome\skin\youtube.png c:\program files (x86)\adawaretb\components\windowmediator.js c:\program files (x86)\adawaretb\dtUser.exe c:\program files (x86)\adawaretb\ieUtils.exe c:\program files (x86)\adawaretb\install.ico c:\program files (x86)\adawaretb\manifest.xml c:\program files (x86)\adawaretb\search.ico c:\program files (x86)\adawaretb\uninstall.exe c:\programdata\Ad-Aware Browsing Protection c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll.nsm7F13.tmp c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe.nsm7F13.tmp c:\programdata\Ad-Aware Browsing Protection\guid.dat c:\programdata\Ad-Aware Browsing Protection\uninstall.exe c:\programdata\Ad-Aware Browsing Protection\uninstall.exe.nsm7F13.tmp . ---- Voorgaande Run ------- . c:\program files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml c:\program files (x86)\Uninstall.exe c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\searchplugins\SearchquWebSearch.xml c:\windows\iun6002.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 )))))))))))))))))))))))))))))) . . 2012-07-23 17:58 . 2012-07-23 17:58 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-07-23 17:58 . 2012-07-23 17:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-23 17:58 . 2012-07-23 17:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2012-07-22 08:23 . 2012-07-22 08:23 388096 ----a-r- c:\users\Erik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-07-22 08:23 . 2012-07-22 08:23 -------- d-----w- c:\program files (x86)\Trend Micro 2012-07-16 08:45 . 2012-07-16 08:45 -------- d-----w- c:\program files (x86)\Oracle 2012-07-14 08:30 . 2012-07-14 08:30 -------- d-----w- c:\users\Erik\AppData\Local\AVG Secure Search 2012-07-14 08:29 . 2012-07-14 08:30 -------- d-----w- c:\programdata\AVG Secure Search 2012-07-14 08:29 . 2012-07-16 08:22 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-07-14 08:29 . 2012-07-14 08:30 -------- d-----w- c:\program files (x86)\AVG Secure Search 2012-07-14 08:28 . 2012-07-14 08:28 -------- d-----w- c:\windows\SysWow64\drivers\AVG 2012-07-14 08:28 . 2012-07-23 15:28 -------- d-----w- c:\windows\system32\drivers\AVG 2012-07-14 08:09 . 2012-07-14 08:09 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2012-07-11 17:42 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 06:46 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-11 17:38 . 2010-02-15 09:11 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-05 20:06 . 2012-06-01 14:57 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-07-05 20:06 . 2010-04-30 06:48 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-07-03 11:46 . 2012-06-13 14:40 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-23 07:27 . 2012-06-23 07:27 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-02 22:19 . 2012-06-23 08:27 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-23 08:28 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-23 08:28 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-23 08:28 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-23 08:27 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-23 08:28 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-23 08:27 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-23 08:27 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-23 08:27 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-08 17:02 . 2012-06-08 14:59 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{39AAABF1-2C9B-49D1-A41B-9E05587D2894}\mpengine.dll 2012-05-04 10:52 . 2012-06-13 13:16 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:08 . 2012-06-13 13:16 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:08 . 2012-06-13 13:16 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-02 05:32 . 2012-06-13 13:16 208896 ----a-w- c:\windows\system32\profsvc.dll 2012-04-28 03:50 . 2012-06-13 13:16 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-26 05:34 . 2012-06-13 13:17 76288 ----a-w- c:\windows\system32\rdpwsx.dll 2012-04-26 05:34 . 2012-06-13 13:17 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-04-26 05:28 . 2012-06-13 13:17 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll 2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll 2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat 2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe 2010-06-15 01:46 . 2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-07-23_12.15.45 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-07-22 08:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-07-23 12:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-07-22 08:12 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-07-23 12:15 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-07-22 08:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-23 12:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-07-23 17:59 . 2012-07-23 17:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-23 12:15 . 2012-07-23 12:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-23 12:15 . 2012-07-23 12:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-07-23 17:59 . 2012-07-23 17:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-07-23 12:13 401944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-07-23 17:58 401944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-02-04 23:23 . 2012-07-23 17:58 9398515 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3138168355-341146757-651766743-1001-8192.dat - 2010-02-04 23:23 . 2012-07-23 12:13 9398515 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3138168355-341146757-651766743-1001-8192.dat + 2009-07-14 02:34 . 2012-07-23 12:30 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 02:34 . 2012-07-23 09:17 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-07-14 08:29 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-14 2074208] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048] "RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-17 39408] "Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304] "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-14 1107552] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-22 868848] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 135664] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856] R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 135664] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-05 203264] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520] S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-14 935008] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55] . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55] . 2012-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001Core.job - c:\users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 11:52] . 2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001UA.job - c:\users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 11:52] . 2012-07-16 c:\windows\Tasks\HPCeeScheduleForErik.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-27 171520] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.lauwerscollege.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=AFBB9A88CC87736C2EF0A64FD4E5DFBC FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p= FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) AddRemove-Ad-Aware Browsing Protection - c:\programdata\Ad-Aware Browsing Protection\uninstall.exe AddRemove-adawaretb - c:\program files (x86)\adawaretb\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-3138168355-341146757-651766743-1001\Software\SecuROM\License information*] "datasecu"=hex:d8,95,bd,fa,31,76,95,54,d0,a8,ec,40,dc,49,2b,0e,4d,fc,7a,9d,92, 61,4e,fd,b1,9e,7f,a6,ed,70,98,cb,25,d1,74,46,27,2c,5f,a7,2c,3a,dc,6d,6d,78,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe . ************************************************************************** . Voltooingstijd: 2012-07-23 20:06:19 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-23 18:06 ComboFix2.txt 2012-06-14 14:16 . Pre-Run: 150.341.365.760 bytes beschikbaar Post-Run: 150.271.287.296 bytes beschikbaar . - - End Of File - - 0AA7C11B4ABE695AB23FD3A7D064FD7B Erik
-
Even een vraag over ComboFix: hij is nu bezig, en staat al een tijdje op Voltooid Deel_4. Is hij nu klaar of moet ik hem laten staan? Erik
-
Heb een tijdje AdAware gehad, daarna weggehaald. Blijkbaar is die dus niet helemaal weg. Als u een manier weet om die weg te halen, vertel het maar! Erik
-
Ah. Misschien is dit hem, in de map van ComboFix op de C-schijf. Hier is ie dan: ComboFix 12-07-21.01 - Erik 23-07-2012 14:03:55.3.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4092.2748 [GMT 2:00] Gestart vanuit: C:\Users\Erik\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml C:\Program Files (x86)\Uninstall.exe C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\searchplugins\SearchquWebSearch.xml C:\Windows\iun6002.exe (((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 )))))))))))))))))))))))))))))) 2012-07-23 12:13:24 . 2012-07-23 12:13:24 -------- d-----w- C:\Users\Public\AppData\Local\temp 2012-07-23 12:13:24 . 2012-07-23 12:13:24 -------- d-----w- C:\Users\Default\AppData\Local\temp 2012-07-23 12:13:24 . 2012-07-23 12:13:24 -------- d-----w- C:\Users\Administrator\AppData\Local\temp 2012-07-22 08:23:22 . 2012-07-22 08:23:22 388096 ----a-r- C:\Users\Erik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-07-22 08:23:22 . 2012-07-22 08:23:22 -------- d-----w- C:\Program Files (x86)\Trend Micro 2012-07-16 08:45:31 . 2012-07-16 08:45:31 -------- d-----w- C:\Program Files (x86)\Oracle 2012-07-14 08:30:24 . 2012-07-14 08:30:24 -------- d-----w- C:\Users\Erik\AppData\Local\AVG Secure Search 2012-07-14 08:29:51 . 2012-07-14 08:30:05 -------- d-----w- C:\ProgramData\AVG Secure Search 2012-07-14 08:29:49 . 2012-07-16 08:22:24 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-07-14 08:29:49 . 2012-07-14 08:30:04 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-07-14 08:28:52 . 2012-07-14 08:28:52 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2012-07-14 08:28:15 . 2012-07-23 09:08:50 -------- d-----w- C:\Windows\system32\drivers\AVG 2012-07-14 08:09:01 . 2012-07-14 08:09:02 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi 2012-07-11 17:42:01 . 2012-06-12 03:02:52 3147264 ----a-w- C:\Windows\system32\win32k.sys 2012-07-11 06:46:58 . 2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\system32\msxml6.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2012-07-11 17:38:47 . 2010-02-15 09:11:00 59701280 ----a-w- C:\Windows\system32\MRT.exe 2012-07-05 20:06:30 . 2012-06-01 14:57:32 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-07-05 20:06:20 . 2010-04-30 06:48:26 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-07-03 11:46:44 . 2012-06-13 14:40:57 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys 2012-06-23 07:27:30 . 2012-06-23 07:27:45 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-02 22:19:46 . 2012-06-23 08:27:59 38424 ----a-w- C:\Windows\system32\wups.dll 2012-06-02 22:19:43 . 2012-06-23 08:28:20 2428952 ----a-w- C:\Windows\system32\wuaueng.dll 2012-06-02 22:19:42 . 2012-06-23 08:28:21 57880 ----a-w- C:\Windows\system32\wuauclt.exe 2012-06-02 22:19:42 . 2012-06-23 08:28:21 44056 ----a-w- C:\Windows\system32\wups2.dll 2012-06-02 22:19:23 . 2012-06-23 08:27:59 701976 ----a-w- C:\Windows\system32\wuapi.dll 2012-06-02 22:15:31 . 2012-06-23 08:28:20 2622464 ----a-w- C:\Windows\system32\wucltux.dll 2012-06-02 22:15:08 . 2012-06-23 08:27:59 99840 ----a-w- C:\Windows\system32\wudriver.dll 2012-06-02 13:19:42 . 2012-06-23 08:27:43 186752 ----a-w- C:\Windows\system32\wuwebv.dll 2012-06-02 13:15:12 . 2012-06-23 08:27:43 36864 ----a-w- C:\Windows\system32\wuapp.exe 2012-05-08 17:02:23 . 2012-06-08 14:59:48 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{39AAABF1-2C9B-49D1-A41B-9E05587D2894}\mpengine.dll 2012-05-04 10:52:22 . 2012-06-13 13:16:57 5505392 ----a-w- C:\Windows\system32\ntoskrnl.exe 2012-05-04 10:08:16 . 2012-06-13 13:16:55 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:08:15 . 2012-06-13 13:16:56 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-02 05:32:43 . 2012-06-13 13:16:50 208896 ----a-w- C:\Windows\system32\profsvc.dll 2012-04-28 03:50:40 . 2012-06-13 13:16:29 204800 ----a-w- C:\Windows\system32\drivers\rdpwd.sys 2012-04-26 05:34:38 . 2012-06-13 13:17:05 76288 ----a-w- C:\Windows\system32\rdpwsx.dll 2012-04-26 05:34:37 . 2012-06-13 13:17:05 149504 ----a-w- C:\Windows\system32\rdpcorekmts.dll 2012-04-26 05:28:32 . 2012-06-13 13:17:03 9216 ----a-w- C:\Windows\system32\rdrmemptylst.exe 2010-06-15 01:54:36 . 2010-06-15 01:54:36 153008 ----a-w- C:\Program Files (x86)\fraps64.dll 2010-06-15 01:54:34 . 2010-06-15 01:54:34 206768 ----a-w- C:\Program Files (x86)\fraps32.dll 2010-06-15 01:54:32 . 2010-06-15 01:54:32 74672 ----a-w- C:\Program Files (x86)\fraps64.dat 2010-06-15 01:54:22 . 2010-06-15 01:54:22 2320304 ----a-w- C:\Program Files (x86)\fraps.exe 2010-06-15 01:46:32 . 2010-06-15 01:46:32 163840 ----a-w- C:\Program Files (x86)\frapslcd.dll ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] 2012-04-11 20:08:22 87440 ----a-w- C:\Program Files (x86)\adawaretb\adawareDx.dll [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-07-14 08:29:49 2074208 ----a-w- C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "C:\Program Files (x86)\adawaretb\adawareDx.dll" [2012-04-11 20:08:22 87440] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-14 08:29:49 2074208] [HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 12:25:58 2363392] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-07-14 01:39:41 1475072] "HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 14:26:44 1685048] "RGSC"="C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 13:35:36 305064] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-17 09:48:58 39408] "Steam"="C:\Program Files (x86)\Steam\steam.exe" [2011-08-02 08:34:14 1242448] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 21:17:16 98304] "HPCam_Menu"="c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 21:16:16 222504] "QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 12:19:48 323640] "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 16:10:28 35696] "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 11:00:00 60464] "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 13:50:04 54576] "WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 11:47:08 500792] "VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 13:33:08 89456] "Ad-Aware Browsing Protection"="C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 09:09:36 198032] "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 10:29:26 1996200] "AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 03:12:34 2587008] "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" [2012-07-14 08:29:49 1107552] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 09:07:54 252296] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" R0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2010-02-22 10:15:59 868848] R1 SBRE;SBRE;C:\Windows\system32\drivers\SBREdrv.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576] R2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55:54 135664] R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-05-03 06:31:10 158856] R3 dump_wmimmc;dump_wmimmc;C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x] R3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55:54 135664] R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 03:39:22 140712] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368] R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des [x] R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864] R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312] R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864] R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 14:38:12 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [2009-06-10 20:35:33 389120] S0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 02:50:26 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 02:46:48 36944] S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys [2012-02-22 03:25:32 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 11:32:14 47696] S1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys [2012-03-19 03:17:26 383808] S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 00:07:22 59904] S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 21:42:58 89600] S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [2009-08-05 04:44:56 203264] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 15:25:54 5160568] S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 02:53:38 193288] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 10:29:24 2369960] S2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe [2009-07-08 12:49:02 30520] S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-14 08:29:50 935008] S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 11:31:58 124496] S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 11:32:04 29776] S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 12:21:32 227896] S3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 18:17:00 70656] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 06:52:30 215040] S3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys [2009-03-09 05:49:08 36408] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 00:07:28 17920] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 12:24:06 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe Inhoud van de 'Gedeelde Taken' map 2012-07-23 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:56:01 . 2010-08-17 09:55:54] 2012-07-23 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:56:01 . 2010-08-17 09:55:54] 2012-07-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001Core.job - C:\Users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 13:52:52 . 2012-03-28 11:52:50] 2012-07-23 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001UA.job - C:\Users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 13:52:52 . 2012-03-28 11:52:50] 2012-07-16 C:\Windows\Tasks\HPCeeScheduleForErik.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22:28 . 2009-10-07 03:22:28] --------- X64 Entries ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2009-07-22 01:33:32 450048] "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 08:48:50 610872] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-11-27 23:02:16 171520] ------- Bijkomende Scan ------- uStart Page = hxxp://www.lauwerscollege.nl/ uLocal Page = C:\Windows\system32\blank.htm mLocal Page = C:\Windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll FF - ProfilePath - C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=AFBB9A88CC87736C2EF0A64FD4E5DFBC FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p= FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-Adobe Shockwave Player - C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-EasyBits Magic Desktop - C:\Windows\system32\ezMDUninstall.exe AddRemove-Fraps - C:\Program Files (x86)\uninstall.exe AddRemove-SAMSUNG CDMA Modem - C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe AddRemove-SAMSUNG Mobile USB Modem - C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe AddRemove-SAMSUNG Mobile USB Modem 1.0 - C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
-
Heb gescand met ComboFix, maar kan het logje niet terugvinden......
-
Oke, volgens mij hebben we te vroeg gejuicht. Het internet is nu weer even traag als voorheen.
-
Heb ik gedaan, ik weet niet of die meldingen nu weer terug gaan komen, maar mijn internet was de laatste tijd wel heel wat trager, en nu lijkt het heel wat sneller te gaan. Dus ik neem aan dat het opgelost is! Ik markeer het topic wel als opgelost, en als het terugkeert dan markeer ik hem wel weer als niet opgelost. (Ik markeer hem als opgelost als u dat ook goed vindt, i.v.m. het opruimen van gebruikte tools.) Geweldig! xD Hartelijk bedankt! Erik
-
Ik kreeg de melding voor het eerst twee weken geleden ongeveer, op google volgens mij. Heb er wat informatie over kunnen vinden en het weg kunnen krijgen met CCleaner. Sindsdien zie ik de melding zo nu en dan terugkomen als ik naar een site ga, dan haal ik hem weer weg met CCleaner. Maar dan komt de melding niet op google, dus niet op een specifieke website.
-
Heb gescand met MBAM, hierbij het logje: Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.07.23.05 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Erik :: ERIK-LAPTOP [administrator] 23-7-2012 11:14:56 mbam-log-2012-07-23 (11-14-56).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 216130 Verstreken tijd: 5 minuut/minuten, 2 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Erik
-
Hallo, Een paar weken geleden kreeg ik de melding: 'Welcome to Nginx!' als ik naar google ging. Even wat erover opgezocht en het bleek dat dit wegging door even te CCleanen. Toen was ik er vanaf. Maar sindsdien zie ik zo nu en dan weer Nginx verschijnen. Steeds weer geCCleaned. Maar nu toch maar even hier kijken of het door malware komt. Dus zou u er a.u.b. even naar kunnen kijken? HJT-logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:26:42, on 22-7-2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Erik\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Lauwers College R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = This message is from the Microsoft Safety & Security Center R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14508 bytes Bedankt, Erik
-
Trojaans Paard PSW.Generic9
Erikm reageerde op Erikm's topic in Archief Bestrijding malware & virussen
OK, nogmaals hartelijk dank voor het fixen en de tips. Nu kan ik 'Opgelost' klikken! Erik ---------- Post toegevoegd om 19:45 ---------- Vorige post was om 19:44 ---------- OK. Hartelijk dank nogmaals voor het verwijderen van de Trojans en ook voor de tips! Nu op 'Opgelost' klikken! ---------- Post toegevoegd om 19:45 ---------- Vorige post was om 19:45 ---------- Hmm. Blijkbaar was het bericht toch verzonden nadat ik een tijdje al uitgelogd stond... Daarom dus het dubbele bericht, een beetje te snel gekeken. Erik -
Trojaans Paard PSW.Generic9
Erikm reageerde op Erikm's topic in Archief Bestrijding malware & virussen
HiJackThis is verwijderd, bedankt voor de site ook nog. Alles lijkt nu opgelost. Heeft u nog wat tips om mijn PC in de toekomst vrij te houden van Trojans/andere virussen? Erik -
Trojaans Paard PSW.Generic9
Erikm reageerde op Erikm's topic in Archief Bestrijding malware & virussen
OK. Ik heb nog wel HiJackThis op de laptop staan, die moet ik deinstalleren neem ik aan. Ook had ik nog wat vragen, ik zou het op prijs stellen als u die even zou kunnen beantwoorden: Waarom hebben alle Trojan Horses een andere extensie? (Slaat op zich helemaal nergens op ) Is het mogelijk om iemands PC te hacken via MSN? Hoe komen Trojans in een PC? Ik weet dat ze via gedownloade bestanden binnenkomen, maar kan het ook op andere manieren? Hartelijk bedankt voor het fixen van de laptop, geweldig! Erik -
Trojaans Paard PSW.Generic9
Erikm reageerde op Erikm's topic in Archief Bestrijding malware & virussen
Dat had ik ook al uitgevonden, maar bij alle 3 de processen staat geen gebruiker en omschrijving. Daarom viel me dat dus op.
