Ga naar inhoud

bm.silverlake

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    147

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door bm.silverlake

  1. bm.silverlake
    Hallo daar ben ik weer. Ik heb de hijack this gedownload en geinstalleerd nadat ik eerst de waarschuwing van veiligheidsredenen en blokkades had gekregen. Nu heb ik de "scan"aangeklikt,en ik krijg deze melding: "You have a particulary large amount of hijacked domains.Its probably better to delete the file itself then to fix each item (and create a back up) If u see the same ip adress in all reported O1 items, consider deleting your host file wich is located at C:WINDOWS SYSTEM32 drivers etc hosts.
  2. bm.silverlake
    Hoi de adviezen van ccleaner ,de systeemfouten,en herstel problemen heb ik uitgevoerd,en daarna opnieuw opgestart,maar de pc en internet worden er niet sneller op.(de pc maakt overigens nu wel een net iets adner geluid-maar miniem) Voor vandaag heb ik t wel even gehad,en ga morgen verder met de hijack this-optie. Fijne avond iedereen, bm.silverlake
  3. bm.silverlake
    OK, nu zijn er nog maar 7 foutieve en lege bestandsklasse-probleempjes. nu weer "herstel geselecteerde problemen" kiezen? en dan daarna opneuw opstarten?.of defragmenteren???
  4. bm.silverlake
    ok, dat heb ik nu gedaan,en het resultaat is een zeer lange lijst (ik schat zn stuk of 1000) met -ik neem maar aan-problemen.Ik kan nu kiezen voor herstel geselecteerde problemen. Maar: moet ik gewoon alles aanvinken?
  5. bm.silverlake
    ccleaner heb ik gevonden,maar iets met "systeemfouten"kan ik niet vinden.
  6. bm.silverlake
    Hallo Iedereen, Sinds kort heb ik diverse problemen met de pc en met internet. -trage pc..Opstarten gaat traag en iets simpels openen als "deze pc" of als "configuratiescherm//software" dat duurt minuten lang. - traag internet. Defragmenteren van externe schijf (een western digital ,1.5 tb aan capaciteit ,waarvan 360 GB gebruikt ) blijft haken op 54 % . Ik vermoed een virus,maar de Microsoft Security Essentials geeft bij een snelle scan geen geinfecteerde of kwalijke bestanden weer. De volledige scan, een paar dagen geleden bleef na een uurtje of 6 ook haken,maar gaf tot wat ie dan had gescand, geen schadelijke of kwalijke bestanden weer. Deze pc is een HG computer (real pro,intel core 2CPU ,4400@2.00 gHz met een kloksnelheid van 200GHz,100GB)) en heeft Windows XP. Verder staat er standaard Vuze/Azareus op,en dat is het enige dat wel supersnel opstart. Lijken deze problemen tesamen op een virus,en kan ik gaan doen wat ik een paar dagen geleden ook deed ( hijack this,adawarecleaner,antimalware ,en combifix) of zijn dit problemen van een andere orde? het is niet mijn eigen pc,vandaar dat ik t vraag,voor ik verder ga. met vriendelijke groeten bm.silverlake
  7. bm.silverlake
    Eerst had ik last van , en na het probleem in "de groep"te hebben gegooid,.werd ik door het geduld en de perfecte adviezen van doktor :alberteinstein:prima richting "pc-apotheek" geleid. De aldus voorgeschreven pc hulptroepen liet ik het ene :fight:na het andere :fight:uitvoeren,en na een korte hevige 3 daagse bits,bytes en virus oorlog kan ik meedelen dat de pc-:evil: tot dusver met succes verslagen (lijken te) zijn. Dat beloofde bloemetje stond niet in de smileylijst. Er stond wel iets met een bloemetje--maar dan wordt t meteen een date !
  8. bm.silverlake
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:24:57, on 31-7-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17110) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Jeroen\Bureaublad\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Documents and Settings\Jeroen\Bureaublad\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Jeroen\Bureaublad\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Documents and Settings\Jeroen\Bureaublad\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177163796093 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177163853093 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ASP.NET-statusservice (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Documents and Settings\Jeroen\Bureaublad\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 6777 bytes
  9. bm.silverlake
    Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.07.31.10 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.11 Jeroen :: BMSILVERLAKE [administrator] Realtime bescherming: Ingeschakeld 31-7-2012 20:05:15 mbam-log-2012-07-31 (20-05-15).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 199801 Verstreken tijd: 4 minuut/minuten, 21 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 12 HKCR\CLSID\{5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5ADF3862-9E2E-4AD3-86F7-4510E6550CD0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F6581D5-AA53-4B73-A6F9-41420C6B61F1} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C24493F-3D23-4258-9426-42C5FC3B8211} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\CAC (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\System\CurrentControlSet\Services\DomainService (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks|{7C24493F-3D23-4258-9426-42C5FC3B8211} (Trojan.Vundo) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7C24493F-3D23-4258-9426-42C5FC3B8211} (Trojan.Vundo) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Documents and Settings\Jeroen\Local Settings\Temp\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  10. bm.silverlake
    Hoi ik heb het dan over AdwCleaner. Omdat er bij de instructies als 2e staat: rechtsclick op AdwCleaner en selecteer als "administrator uitvoeren" Dan vraagt ie administrators `wachtwoord,en dat accepteert ie niet. Nu heb ik deze stap dan maa rovergeslagen en gewoon direct op stap 3 overgegaan en dan is dit het resultaat: # AdwCleaner v1.703 - Logfile created 07/31/2012 at 18:46:40 # Updated 20/07/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Jeroen - BMSILVERLAKE # Running from : C:\Documents and Settings\Joyce\Mijn documenten\Downloads\adwcleaner(1).exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Documents and Settings\Jeroen\Local Settings\Application Data\Conduit Folder Deleted : C:\Documents and Settings\Jeroen\Application Data\Mozilla\Firefox\Profiles\87d23u2r.default\ConduitCommon Folder Deleted : C:\Program Files\BrowserCompanion Folder Deleted : C:\Program Files\Conduit File Deleted : C:\Documents and Settings\Jeroen\Application Data\Mozilla\Firefox\Profiles\87d23u2r.default\searchplugins\Conduit.xml ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2849859 Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\BrowserCompanion Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\ConduitSearchScopes Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Toolbar Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} ***** [internet Browsers] ***** -\\ Internet Explorer v7.0.5730.11 [OK] Registry is clean. -\\ Mozilla Firefox v12.0 (nl) Profile name : default File : C:\Documents and Settings\Jeroen\Application Data\Mozilla\Firefox\Profiles\87d23u2r.default\prefs.js C:\Documents and Settings\Jeroen\Application Data\Mozilla\Firefox\Profiles\87d23u2r.default\user.js ... Deleted ! Deleted : user_pref("CT2849859..clientLogIsEnabled", false); Deleted : user_pref("CT2849859..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2849859..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2849859.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Deleted : user_pref("CT2849859.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2849859.AppTrackingLastCheckTime", "Wed Aug 01 2012 01:37:49 GMT+0200"); Deleted : user_pref("CT2849859.BrowserCompStateIsOpen_129642291941260919", true); Deleted : user_pref("CT2849859.CTID", "CT2849859"); Deleted : user_pref("CT2849859.CurrentServerDate", "27-7-2012"); Deleted : user_pref("CT2849859.DSInstall", true); Deleted : user_pref("CT2849859.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2849859.DialogsGetterLastCheckTime", "Wed Aug 01 2012 01:37:45 GMT+0200"); Deleted : user_pref("CT2849859.DownloadReferralCookieData", ""); Deleted : user_pref("CT2849859.EMailNotifierPollDate", "Wed Aug 01 2012 12:22:33 GMT+0200"); Deleted : user_pref("CT2849859.EnableSearchHistory", false); Deleted : user_pref("CT2849859.EnableSearchSuggest", false); Deleted : user_pref("CT2849859.FeedLastCount129349798534969678", 501); Deleted : user_pref("CT2849859.FeedPollDate129313974171006416", "Wed Aug 01 2012 12:09:02 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313975698350231", "Wed Aug 01 2012 12:09:02 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313976370850190", "Wed Aug 01 2012 11:37:40 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313976648818968", "Wed Aug 01 2012 11:37:40 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313977444757117", "Wed Aug 01 2012 11:37:41 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313980389131455", "Wed Aug 01 2012 11:37:41 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313980655381977", "Wed Aug 01 2012 12:09:02 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313980886163259", "Wed Aug 01 2012 12:09:02 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313981234756535", "Wed Aug 01 2012 11:37:42 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313983226631720", "Wed Aug 01 2012 11:37:42 GMT+0200"); Deleted : user_pref("CT2849859.FeedPollDate129313983607725691", "Wed Aug 01 2012 11:37:42 GMT+0200"); Deleted : user_pref("CT2849859.FeedTTL129313974171006416", 10); Deleted : user_pref("CT2849859.FeedTTL129313977444757117", 15); Deleted : user_pref("CT2849859.FeedTTL129313980655381977", 5); Deleted : user_pref("CT2849859.FeedTTL129313981234756535", 5); Deleted : user_pref("CT2849859.FirstServerDate", "28-2-2012"); Deleted : user_pref("CT2849859.FirstTime", true); Deleted : user_pref("CT2849859.FirstTimeFF3", true); Deleted : user_pref("CT2849859.FixPageNotFoundErrors", true); Deleted : user_pref("CT2849859.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2849859.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2849859.HPChangedManually", false); Deleted : user_pref("CT2849859.HPInstall", true); Deleted : user_pref("CT2849859.HasUserGlobalKeys", true); Deleted : user_pref("CT2849859.HomePageProtectorEnabled", false); Deleted : user_pref("CT2849859.HomepageBeforeUnload", "hxxps://www.ixquick.com/ned/"); Deleted : user_pref("CT2849859.Initialize", true); Deleted : user_pref("CT2849859.InitializeCommonPrefs", true); Deleted : user_pref("CT2849859.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT2849859.InstallationId", "ConduitXPEIntegration"); Deleted : user_pref("CT2849859.InstallationType", "ConduitXPEIntegration"); Deleted : user_pref("CT2849859.InstalledDate", "Tue Feb 28 2012 21:25:28 GMT+0100"); Deleted : user_pref("CT2849859.IsAlertDBUpdated", true); Deleted : user_pref("CT2849859.IsGrouping", false); Deleted : user_pref("CT2849859.IsInitSetupIni", true); Deleted : user_pref("CT2849859.IsMulticommunity", false); Deleted : user_pref("CT2849859.IsOpenThankYouPage", true); Deleted : user_pref("CT2849859.IsOpenUninstallPage", false); Deleted : user_pref("CT2849859.IsProtectorsInit", true); Deleted : user_pref("CT2849859.LanguagePackLastCheckTime", "Thu Jul 26 2012 21:06:02 GMT+0200"); Deleted : user_pref("CT2849859.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2849859.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2849859.LastLogin_3.10.0.1", "Wed Apr 18 2012 00:20:02 GMT+0200"); Deleted : user_pref("CT2849859.LastLogin_3.12.0.7", "Thu Apr 26 2012 18:43:51 GMT+0200"); Deleted : user_pref("CT2849859.LastLogin_3.12.2.3", "Fri Jul 27 2012 07:41:46 GMT+0200"); Deleted : user_pref("CT2849859.LastLogin_3.9.0.3", "Thu Mar 01 2012 19:19:00 GMT+0100"); Deleted : user_pref("CT2849859.LatestVersion", "3.14.1.0"); Deleted : user_pref("CT2849859.Locale", "nl"); Deleted : user_pref("CT2849859.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2849859.MCDetectTooltipShow", false); Deleted : user_pref("CT2849859.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2849859.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2849859.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT2849859.OriginalFirstVersion", "3.9.0.3"); Deleted : user_pref("CT2849859.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2849859.SavedHomepage", "chrome://branding/locale/browserconfig.properties"); Deleted : user_pref("CT2849859.SearchCaption", "BittorrentBar_NL Customized Web Search"); Deleted : user_pref("CT2849859.SearchEngineBeforeUnload", "BittorrentBar_NL Customized Web Search"); Deleted : user_pref("CT2849859.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2849859.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT284[...] Deleted : user_pref("CT2849859.SearchInNewTabEnabled", true); Deleted : user_pref("CT2849859.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2849859.SearchInNewTabLastCheckTime", "Fri Jul 27 2012 08:19:30 GMT+0200"); Deleted : user_pref("CT2849859.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2849859.SearchProtectorEnabled", true); Deleted : user_pref("CT2849859.SearchProtectorToolbarDisabled", false); Deleted : user_pref("CT2849859.SendProtectorDataViaLogin", true); Deleted : user_pref("CT2849859.ServiceMapLastCheckTime", "Fri Jul 27 2012 08:19:31 GMT+0200"); Deleted : user_pref("CT2849859.SettingsLastCheckTime", "Wed Aug 01 2012 12:09:02 GMT+0200"); Deleted : user_pref("CT2849859.SettingsLastUpdate", "1337169810"); Deleted : user_pref("CT2849859.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2849859&SearchSource=13"); Deleted : user_pref("CT2849859.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2849859.ThirdPartyComponentsLastCheck", "Wed Aug 01 2012 01:37:33 GMT+0200"); Deleted : user_pref("CT2849859.ThirdPartyComponentsLastUpdate", "1331805997"); Deleted : user_pref("CT2849859.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT2849859.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2849859"); Deleted : user_pref("CT2849859.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT2849859.UserID", "UN86857935207247580"); Deleted : user_pref("CT2849859.ValidationData_Search", 1); Deleted : user_pref("CT2849859.ValidationData_Toolbar", 2); Deleted : user_pref("CT2849859.WeatherNetwork", ""); Deleted : user_pref("CT2849859.WeatherPollDate", "Wed Aug 01 2012 12:10:44 GMT+0200"); Deleted : user_pref("CT2849859.WeatherUnit", "C"); Deleted : user_pref("CT2849859.alertChannelId", "1241900"); Deleted : user_pref("CT2849859.approveUntrustedApps", false); Deleted : user_pref("CT2849859.autoDisableScopes", -1); Deleted : user_pref("CT2849859.backendstorage.cb_firstuse0100", "31"); Deleted : user_pref("CT2849859.backendstorage.cb_user_id_000", "43423134323831373133343336305F46697265666F78")[...] Deleted : user_pref("CT2849859.backendstorage.cbcountry_000", "4E4C"); Deleted : user_pref("CT2849859.backendstorage.cbfirsttime", "5475652046656220323820323031322032313A32353A33342[...] Deleted : user_pref("CT2849859.backendstorage.pairingkey", "36393835423231363946343245343743353331383041463331[...] Deleted : user_pref("CT2849859.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...] Deleted : user_pref("CT2849859.backendstorage.url_history0001", "687474703A2F2F7777772E6D6F7669656D657465722E6[...] Deleted : user_pref("CT2849859.backendstorage.uttorrents", "7B226275696C64223A32363736342C226C6162656C223A5B5D[...] Deleted : user_pref("CT2849859.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT2849859.globalFirstTimeInfoLastCheckTime", "Wed Aug 01 2012 01:37:45 GMT+0200"); Deleted : user_pref("CT2849859.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT2849859.initDone", true); Deleted : user_pref("CT2849859.isAppTrackingManagerOn", true); Deleted : user_pref("CT2849859.myStuffEnabled", true); Deleted : user_pref("CT2849859.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2849859.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2849859.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2849859.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2849859.oldAppsList", "129349798532782160,129349798533094661,1000234,129791463124091731[...] Deleted : user_pref("CT2849859.revertSettingsEnabled", true); Deleted : user_pref("CT2849859.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT2849859.searchProtectorEnableByLogin", true); Deleted : user_pref("CT2849859.testingCtid", ""); Deleted : user_pref("CT2849859.toolbarAppMetaDataLastCheckTime", "Fri Jul 27 2012 08:19:31 GMT+0200"); Deleted : user_pref("CT2849859.toolbarContextMenuLastCheckTime", "Wed Aug 01 2012 01:37:45 GMT+0200"); Deleted : user_pref("CT2849859.usagesFlag", 2); Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2849859&Search[...] Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BittorrentBar_NL Customized Web Search"); Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2849859/CT2849859[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1241900/1237573/NL", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2849859", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2849859",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=nl", "\"938[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Jeroen\\Applicatio[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2849859"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2849859"); Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2849859"); Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Apr 17 2012 16:19:59 GMT+0200"); Deleted : user_pref("CommunityToolbar.globalUserId", "18c69e5b-22c1-4e28-a391-128e37f0a00b"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2849859"); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Aug 01 2012 01:37:4[...] Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Jul 31 2012 14:36:02 GMT+020[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Jul 31 2012 14:35:53 GMT+0200"); Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "6c575579-e3e2-4fee-b2b2-42b3da0b2449"); Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties"); Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112542&tt=3012_7&babsrc=NT_ss&mntr[...] Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Deleted : user_pref("browser.search.defaultthis.engineName", "BittorrentBar_NL Customized Web Search"); Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849859&Sea[...] Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)"); Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)"); Deleted : user_pref("extensions.BabylonToolbar.admin", false); Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false); Deleted : user_pref("extensions.BabylonToolbar.id", "4c71050d00000000000000110970f512"); Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15547"); Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1"); Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1"); Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112542&tt=3012_7"); Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "4c71050d00000000000000110970f512"); Deleted : user_pref("extensions.BabylonToolbar_i.id", "4c71050d00000000000000110970f512"); Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15500"); Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true); Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112542&tt=3012_[...] Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.11:11:34"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849859&SearchSource=2&q=[...] -\\ Google Chrome v20.0.1132.57 File : C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted : "homepage": "hxxp://search.babylon.com/?affID=112542&tt=3012_7&babsrc=HP_ss&mntrId=4c71050d000[...] Deleted : "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?affID=112542&tt=3012_7&babsrc=H[...] Deleted : "icon_url": "hxxp://www.babylon.com/favicon.ico", Deleted : "keyword": "babylon.com", Deleted : "name": "Search the web (Babylon)", Deleted : "search_url": "hxxp://search.babylon.com/?q={searchTerms}&affID=112542&tt=3012_7&babsrc=SP_ss&[...] Deleted : "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...] Deleted : "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...] Deleted : "path": "plugins/ConduitChromeApiPlugin.dll", Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT284985[...] Deleted : "homepage": "hxxp://search.babylon.com/?affID=112542&tt=3012_7&babsrc=HP_ss&mntrId=4c71050d000000[...] Deleted : "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?affID=112542&tt=3012_7&babsrc=HP_s[...] ************************* AdwCleaner[s1].txt - [21537 octets] - [31/07/2012 18:46:40] ########## EOF - C:\AdwCleaner[s1].txt - [21666 octets] ##########
  11. bm.silverlake
    Hallo, Ok,Ik heb dit gedaan,en dat werkt totdat `t bij "uitvoeren als administrator",een wachtworod vraagt. Mijn wachtwoord accepteert ie niet. Daar klopt iets niet! Hoe fix ik dat nu weer? ( en...Zit er soms iemand mee te kijken met wat ik op de pc doe?)
  12. bm.silverlake
    Hallo, Er is nog meer nieuws!. Gisteren kreeg ik de meldingen dat MBAM niet geinstalleerd werd,en dat er windows NT 4 of hoger werd vereist,en vandaag stond ie er gewoon op t bureaublad.(2 keer!) Ik heb t gecontroleerd bij "configuratiescherm//Software,..en ook daar staat ie gewoon in de lijst. Ik snap dit niet,maar t staat er nu dus wel op!. Net heb ik de "addons"lijst gecontroleerd,en daar is "oberon" (dus babylon) uit verdwenen. En ik heb niets verwijderd!. Van baylon echter,ben ik nog niet af. vandaag kwam t er niet echt van,maar met MBAM ga ik morgen uitvoeren wat me is geadviseerd. Daarna horen jullie meer. groeten,en fijne avond. bm.silverlake
  13. bm.silverlake
    Hallo , Daar ben ik weer;-) ik heb toch nog eerst een vraag: Wanneer ik naar configuratiescherm ga,en dan '"software"" ga,dan krijg ik uiteraard die lijst met programmas. Maar links is een kolom waar 4 icoontjes onder elkaar staan. Icoontje 1: programmas wijzigen of evrwijderen Icoontje 2: Nieuwe programmas toevoegegn Icoontje 3: Windows onderdelen toevoegen of verwijderen Icoontje 4: Programma toegang- en instellingen. Wanner ik nu Icoontje 4 kies dan krijg ik: 3 configuraties onder elkaar: -Microsoft Windows (ZONDER " xp" of andere toevoegingen erachter) -Niet Microsoft -Aangepast. Ik zie dat die laatste aangevinkt is. Helpt het als ik daar juist "microsoft Windows"aanvink? En dat dan Microsoft/Windows (in gedachten automatisch aangevuld met "xp") wel werkt?
  14. bm.silverlake
    Hallo, dank dat je zo laat nog antwoordt! Morgenvroeg ga ik met frisse moed doen wat je me adviseert.Ben nu wel n beetje moe. Wanneer dit gedoe voorbij is,kan je me vertellen waar ik t bloemetje naartoe kan sturen! Fijne avond nog, bm silverlake
  15. bm.silverlake
    Hallo, Bij de tip die je geeft kreeg ik de melding: combifix ondersteunt niet langer windows 2000. Wat op zich vreemd is,omdat de laatste windows update volgens configuratiescherm/software- is wel gewoon voor xp,op 11-07-2012. Heb ook gezocht op windows 2000..maar dat is natuurlijk onvindbaar.
  16. bm.silverlake
    Hallo, Ook daar krijg ik helaas dezelfde melding. Wel ben ik er inmiddels achter dat via deze pc//eigenschappen//tabblad algemeen mij verteld dat deze pc uit 2002 komt,en dat er microsoft windows xp ,professional,als systeem heeft,met daarbij "servicepack 3. Verder is dit een AMD Athlon 64 Processor 3000+ met een kloksnelheid van 2.00GHz. 1.93GB met de extensie van een fysiek adres. Misschien heb je er iets aan,en dat je me een precieze tip kan geven? ;-) bij voorbaat dank.
  17. bm.silverlake
    Hallo, Stap 1 met de hijackthis/scan/items selecteren en "fixchecked"ging prima. Stap 2 ,Bij het downloaden van MBAM malwarebytes Anti Malware (set up-exe-)krijg ik deze melding: "dit programma vereist Windows NT versie 4.0 of hoger"
  18. bm.silverlake
    hallo, dank je wel. Het was even knutselen met dat logje,maar het is gelukt. Ik heb wel een klein foutje gemaakt: ik heb sinds kort geen "google" meer,maar "ixquick"als opstartpagina,en dat msn messenger nu ook problemen ondervindt.Niet met het openen,maar met "nieuw bericht sturen"of "reageren op een email"wel. Dan crashen msn en firefox samen,en moet ik firefox opnieuw openen. (ook te zien in dat logje: alles van msn is rood ;-(
  19. bm.silverlake
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:23:04, on 29-7-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17110) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ixquick.com/ned/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/nokiafreeunlockcalculator/{DB024E3E-EE86-4FEC-BDF9-D84526CAD3A8} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll (file missing) O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1177163796093 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177163853093 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ASP.NET-statusservice (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- End of file - 7328 bytes
  20. bm.silverlake
    Hallo iedereen, Onlangs heb ik iets van nokia gedownload,en er gratis "babylon"bijgekregen. Inmiddels heb ik van alles gedaan om babylon (ook bekend als oberon) eraf te krijgen,maar tot nu toe lukt dit niet. Wat ik gedaan heb is dit: 1.computer scannen met avast,en alle gevonden schadelijke bestanden eraf gegooid,en onieuw opgestart 2.bij de add ons en de plug ins : oberon en babylon uitgeschakeld. 3. start/configuratiescherm/software : alles van babylon/oberon verwijderd. 4. onder deze pc/c/programm files en onder alle downloads van nokia/babylon/oberon verwijderd. bij "zoeken"alle programmas van oberon/babylon/nokia verwijderd. 5. opnieuw pc gescand,opnieuw opgestart 6.bij internetopties baylon als startpagina verwijderd,en er weer google voor in de plaats gezet. En het enige resultaat tot nu toe is dat de startpagina wel in google opstart,maar dat het tweede tabblad toch weer babylon pakt. Wie o wie kan mij helpen om deze ongewenste babylon voorgoed van mijn pc te krijgen? overige informatie: -ik heb avast als anti virus programma -de pc heeft Firefox en geen internet explorer mvg bm.silverlake
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.