Ga naar inhoud

Bijou

Lid
  • Items

    11
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door Bijou

  1. gelukt! probleem opgelost - nogmaals bedankt!
  2. ik heb meerdere malen een zoekopdracht gestart op mystart en incredibar, aantal dingen nog verwijderd en NOG krijg ik die mystart pagina in firefox bij een nieuw tab en nog steeds kan ik dat veranderen maar als ik firefox opniew opstart is het er weer
  3. is al weg neem ik aan - geen zoekresultaten.
  4. # AdwCleaner v1.801 - Logfile created 08/29/2012 at 19:57:18 # Updated 14/08/2012 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (32 bits) # User : Bijou - PC_VAN_BIJOU # Boot Mode : Normal # Running from : C:\Users\Bijou\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Bijou\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Bijou\AppData\LocalLow\boost_interprocess Folder Deleted : C:\Users\Bijou\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Bijou\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Jan\AppData\LocalLow\boost_interprocess Folder Deleted : C:\Users\Jan\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Jan\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Jan\AppData\LocalLow\Vuze_Remote Folder Deleted : C:\Users\Gerda\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\Conduit Folder Deleted : C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\ConduitEngine Folder Deleted : C:\ProgramData\Trymedia Folder Deleted : C:\Program Files\Conduit File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\SweetIm Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Deleted : HKLM\SOFTWARE\SweetIM Key Deleted : HKLM\SOFTWARE\Web Assistant Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.19298 [OK] Registry is clean. -\\ Mozilla Firefox v15.0 (nl) Profile name : default File : C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\prefs.js C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\user.js ... Deleted ! Deleted : user_pref("CT2365905.CTID", "CT2365905"); Deleted : user_pref("CT2365905.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2365905.EMailNotifierPollDate", "Tue Feb 02 2010 16:50:11 GMT+0100"); Deleted : user_pref("CT2365905.FeedLastCount128460900971181341", 166); Deleted : user_pref("CT2365905.FeedPollDate128460898315556274", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CT2365905.FeedPollDate128460899415556929", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CT2365905.FeedPollDate128460899564463182", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CT2365905.FeedPollDate128460899661963361", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CT2365905.FeedPollDate128460899768994715", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CT2365905.FeedPollDate128479826070094154", "Tue Feb 02 2010 16:50:10 GMT+0100"); Deleted : user_pref("CT2365905.FeedTTL128460898315556274", 5); Deleted : user_pref("CT2365905.FeedTTL128460899415556929", 20); Deleted : user_pref("CT2365905.FeedTTL128460899564463182", 30); Deleted : user_pref("CT2365905.FeedTTL128460899661963361", 15); Deleted : user_pref("CT2365905.FirstTime", true); Deleted : user_pref("CT2365905.FirstTimeFF3", true); Deleted : user_pref("CT2365905.FixPageNotFoundErrors", true); Deleted : user_pref("CT2365905.Initialize", true); Deleted : user_pref("CT2365905.InitializeCommonPrefs", true); Deleted : user_pref("CT2365905.InstalledDate", "Tue Feb 02 2010 16:50:10 GMT+0100"); Deleted : user_pref("CT2365905.InvalidateCache", false); Deleted : user_pref("CT2365905.IsGrouping", false); Deleted : user_pref("CT2365905.IsMulticommunity", false); Deleted : user_pref("CT2365905.IsOpenThankYouPage", true); Deleted : user_pref("CT2365905.IsOpenUninstallPage", true); Deleted : user_pref("CT2365905.LanguagePackLastCheckTime", "Tue Feb 02 2010 16:50:10 GMT+0100"); Deleted : user_pref("CT2365905.Locale", "en-us"); Deleted : user_pref("CT2365905.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2365905.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2365905.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2365905.RadioLastCheckTime", "Tue Feb 02 2010 16:50:11 GMT+0100"); Deleted : user_pref("CT2365905.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT2365905.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2365905.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2365905.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT236[...] Deleted : user_pref("CT2365905.SettingsCheckIntervalMin", 120); Deleted : user_pref("CT2365905.SettingsLastCheckTime", "Tue Feb 02 2010 16:50:06 GMT+0100"); Deleted : user_pref("CT2365905.SettingsLastUpdate", "1265116750"); Deleted : user_pref("CT2365905.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2365905.ThirdPartyComponentsLastCheck", "Tue Feb 02 2010 16:50:05 GMT+0100"); Deleted : user_pref("CT2365905.ThirdPartyComponentsLastUpdate", "1265116750"); Deleted : user_pref("CT2365905.WeatherNetwork", ""); Deleted : user_pref("CT2365905.WeatherPollDate", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CT2365905.WeatherUnit", "C"); Deleted : user_pref("CT2365905.alertChannelId", "760943"); Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2504091.CTID", "CT2504091"); Deleted : user_pref("CT2504091.CurrentServerDate", "1-8-2010"); Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Sun Aug 01 2010 21:24:36 GMT+0200"); Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 10); Deleted : user_pref("CT2504091.FeedPollDate128891351169457132", "Sun Aug 01 2010 21:24:34 GMT+0200"); Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Aug 01 2010 21:24:34 GMT+0200"); Deleted : user_pref("CT2504091.FeedTTL128891351169457132", 40); Deleted : user_pref("CT2504091.FirstServerDate", "11-4-2010"); Deleted : user_pref("CT2504091.FirstTime", true); Deleted : user_pref("CT2504091.FirstTimeFF3", true); Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true); Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2504091.Initialize", true); Deleted : user_pref("CT2504091.InitializeCommonPrefs", true); Deleted : user_pref("CT2504091.InstalledDate", "Sun Apr 11 2010 12:06:49 GMT+0200"); Deleted : user_pref("CT2504091.IsGrouping", false); Deleted : user_pref("CT2504091.IsMulticommunity", false); Deleted : user_pref("CT2504091.IsOpenThankYouPage", false); Deleted : user_pref("CT2504091.IsOpenUninstallPage", false); Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Sun Aug 01 2010 21:24:37 GMT+0200"); Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2504091.LastLogin_2.5.8.6", "Sun Aug 01 2010 21:24:35 GMT+0200"); Deleted : user_pref("CT2504091.LatestVersion", "2.1.0.18"); Deleted : user_pref("CT2504091.Locale", "en-us"); Deleted : user_pref("CT2504091.LoginCache", 4); Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2504091.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...] Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true); Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sun Aug 01 2010 21:24:34 GMT+0200"); Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120); Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Sun Aug 01 2010 21:24:34 GMT+0200"); Deleted : user_pref("CT2504091.SettingsLastUpdate", "1265745383"); Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sun Aug 01 2010 21:24:34 GMT+0200"); Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1265745383"); Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Deleted : user_pref("CT2504091.UserID", "UN55622913330882520"); Deleted : user_pref("CT2504091.ValidationData_Toolbar", 1); Deleted : user_pref("CT2504091.alertChannelId", "897164"); Deleted : user_pref("CT2504091.clientLogIsEnabled", true); Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Deleted : user_pref("CT2504091.myStuffEnabled", true); Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Deleted : user_pref("CommunityToolbar.EngineOwner", ""); Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", ""); Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", ""); Deleted : user_pref("CommunityToolbar.IsEngineShown", true); Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", ""); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", ""); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", ""); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://flvdirect.iamwired.net/websearch.[...] Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2365905,CT2504091,ConduitEngine"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2365905,CT2504091"); Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Feb 02 2010 16:50:09 GMT+0100"); Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.locale", "en"); Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Feb 02 2010 16:50:06 GMT+0100"); Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400"); Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.alert.userId", "{95bb9ba9-96c1-4f6c-929a-ff9a06f77cdd}"); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Mar 26 2011 12:56:49 GMT+0100"); Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Mar 26 2011 12:56:39 GMT+0100"); Deleted : user_pref("ConduitEngine.FirstServerDate", "03/26/2011 14"); Deleted : user_pref("ConduitEngine.FirstTimeFF3", true); Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true); Deleted : user_pref("ConduitEngine.Initialize", true); Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true); Deleted : user_pref("ConduitEngine.InstalledDate", "Sat Mar 26 2011 12:56:40 GMT+0100"); Deleted : user_pref("ConduitEngine.IsMulticommunity", false); Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false); Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true); Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Mar 26 2011 12:56:39 GMT+0100"); Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Mar 26 2011 12:56:40 GMT+0100"); Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Mar 26 2011 12:56:38 GMT+0100"); Deleted : user_pref("ConduitEngine.Uninstall", true); Deleted : user_pref("ConduitEngine.UserID", "UN41179696711756928"); Deleted : user_pref("ConduitEngine.engineLocale", "nl"); Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Mar 26 2011 12:56:39 GMT+0100"); Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Mar 26 2011 12:56:40 GMT+0100"); Deleted : user_pref("ConduitEngine.initDone", true); Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true); Deleted : user_pref("ConduitEngine.usagesFlag", 2); Deleted : user_pref("extensions.BabylonToolbar.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar.babTrack", ""); Deleted : user_pref("extensions.BabylonToolbar.babext", ""); Deleted : user_pref("extensions.BabylonToolbar.babtrack", ""); Deleted : user_pref("extensions.BabylonToolbar.bbdpng", 0); Deleted : user_pref("extensions.BabylonToolbar.cntry", ""); Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", ""); Deleted : user_pref("extensions.BabylonToolbar.envrmnt", ""); Deleted : user_pref("extensions.BabylonToolbar.firstrun", false); Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", ""); Deleted : user_pref("extensions.BabylonToolbar.hmpg", false); Deleted : user_pref("extensions.BabylonToolbar.hrdid", ""); Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", true); Deleted : user_pref("extensions.BabylonToolbar.keywordurl", ""); Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", ""); Deleted : user_pref("extensions.BabylonToolbar.lastdp", 0); Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", ""); Deleted : user_pref("extensions.BabylonToolbar.newTab", false); Deleted : user_pref("extensions.BabylonToolbar.newtab", "false"); Deleted : user_pref("extensions.BabylonToolbar.newtaburl", ""); Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", ""); Deleted : user_pref("extensions.BabylonToolbar.sg", ""); Deleted : user_pref("extensions.BabylonToolbar.smplGrp", ""); Deleted : user_pref("extensions.BabylonToolbar.smplgrp", ""); Deleted : user_pref("extensions.BabylonToolbar.srcExt", ""); Deleted : user_pref("extensions.BabylonToolbar.srcext", ""); Deleted : user_pref("extensions.BabylonToolbar.srch", ""); Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", ""); Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", ""); Deleted : user_pref("extensions.BabylonToolbar.vrsnts", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", ""); Deleted : user_pref("extensions.incredibar.admin", false); Deleted : user_pref("extensions.incredibar.aflt", ""); Deleted : user_pref("extensions.incredibar.cntry", ""); Deleted : user_pref("extensions.incredibar.dfltLng", ""); Deleted : user_pref("extensions.incredibar.dfltSrch", false); Deleted : user_pref("extensions.incredibar.did", ""); Deleted : user_pref("extensions.incredibar.envrmnt", ""); Deleted : user_pref("extensions.incredibar.excTlbr", false); Deleted : user_pref("extensions.incredibar.hdrMd5", ""); Deleted : user_pref("extensions.incredibar.hmpg", false); Deleted : user_pref("extensions.incredibar.id", ""); Deleted : user_pref("extensions.incredibar.installerproductid", ""); Deleted : user_pref("extensions.incredibar.instlDay", ""); Deleted : user_pref("extensions.incredibar.instlRef", ""); Deleted : user_pref("extensions.incredibar.isDcmntCmplt", false); Deleted : user_pref("extensions.incredibar.lastVrsnTs", ""); Deleted : user_pref("extensions.incredibar.mntrvrsn", ""); Deleted : user_pref("extensions.incredibar.newTab", false); Deleted : user_pref("extensions.incredibar.noFFXTlbr", false); Deleted : user_pref("extensions.incredibar.ppd", ""); Deleted : user_pref("extensions.incredibar.prdct", ""); Deleted : user_pref("extensions.incredibar.productid", ""); Deleted : user_pref("extensions.incredibar.prtnrId", ""); Deleted : user_pref("extensions.incredibar.sg", ""); Deleted : user_pref("extensions.incredibar.smplGrp", ""); Deleted : user_pref("extensions.incredibar.tlbrId", ""); Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", ""); Deleted : user_pref("extensions.incredibar.upn2", ""); Deleted : user_pref("extensions.incredibar.upn2n", ""); Deleted : user_pref("extensions.incredibar.vrsn", ""); Deleted : user_pref("extensions.incredibar.vrsnTs", ""); Deleted : user_pref("extensions.incredibar.vrsni", ""); Profile name : default File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\ui18vpv2.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Gerda\AppData\Roaming\Mozilla\Firefox\Profiles\5swzus3g.default\prefs.js [OK] File is clean. -\\ Google Chrome v21.0.1180.83 File : C:\Users\Bijou\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [21023 octets] - [29/08/2012 19:57:18] ########## EOF - C:\AdwCleaner[s1].txt - [21152 octets] ########## ik krijg nog steeds mystart.incredibar.com/mb139?a=6R8DgWpuvo&loc=FF_NT als ik een nieuw tab open in firefox wat ik weer kan wijzigen via about:config maar dan ook weer terug is zodra ik firefox herstart. De rest is weg - alleen dit nog.
  5. dat heb ik gedaan. Ik krijg als ik bv zoek op incredibar een hele rits extensions.incredibar.nog iets, daarvan heb ik alle string waarden weggehaald (er staat ook boolean dat kan ik alleen van false naar true veranderen) - en die blijven dan ook weg - ook na opnieuw opstarten van firefox. alleen de browser.newtab.url geeft dan weer mystart aan. ook al heb ik daarvoor google of wat dan ook ingevoerd - zodra ik firefox herstart is het weer terug.
  6. Hoe verwijder ik dat dan? Behalve rechts klikken en dan wissen wat er in het pop upje staat - want dat werkt niet. Telkens als ik de mystart url verander in iets anders voor de nieuwe tabs duurt dat maar zolang als firefox actief is. zodra ik het sluit en later weer start is het weer terug.
  7. Het is toch nog niet helemaal weg. ik kan via about:config in firefox de website voor de tabs veranderen maar zodra ik de browser dan sluit (en later weer start) is die mystart pagina weer terug in de nieuwe tabs. ook zie ik in de lijst die ik krijg na about:config in te voeren nog mystart dingen staan. mystart, babylon, web assistant.
  8. ja, nog steeds die startpagina als ik een nieuw tab open in firefox.
  9. Hij is niet opnieuw opgestart maar dit is de nieuwe log van combofix ComboFix 12-08-25.04 - Bijou 27-08-2012 18:36:18.4.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.1876 [GMT 2:00] Gestart vanuit: c:\users\Bijou\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Bijou\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "C:\user.js" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Babylon c:\programdata\InstallMate c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\_Setup.dll c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\_Setupx.dll c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\20120826194345.log c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\Setup.dat c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\Setup.exe c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\Setup.ico c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\TsuDll.dll c:\programdata\InstallMate\71064EA2\cfg\1.ini c:\programdata\InstallMate\71064EA2\cfg\1_1.ini c:\programdata\InstallMate\71064EA2\cfg\1_1_1.ini c:\programdata\Premium c:\users\Bijou\AppData\Roaming\Babylon c:\users\Bijou\AppData\Roaming\Babylon\log_file.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))) . . 2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\Jan\AppData\Local\temp 2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\Gerda\AppData\Local\temp 2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-24 10:00 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABAC2417-8775-4BEE-B72C-ABA14E19144F}\mpengine.dll 2012-08-16 00:39 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-08-15 21:33 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll 2012-08-09 12:55 . 2012-08-26 17:50 758 ----a-w- C:\user.js 2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\programdata\Vizzed 2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\program files\Vizzed . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-21 09:13 . 2011-05-20 22:49 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-08-21 09:13 . 2008-04-03 10:03 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-08-21 09:13 . 2008-04-03 10:03 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-08-21 09:13 . 2008-04-03 10:03 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-08-21 09:13 . 2008-04-03 10:02 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-08-21 09:13 . 2008-04-03 10:03 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-08-21 09:12 . 2010-06-29 12:50 41224 ----a-w- c:\windows\avastSS.scr 2012-08-21 09:12 . 2008-04-03 10:02 227648 ----a-w- c:\windows\system32\aswBoot.exe 2012-07-09 17:44 . 2012-07-09 17:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-03 11:46 . 2012-06-13 14:20 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-21 10:25 . 2012-06-21 10:26 476936 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-06-21 10:25 . 2011-12-09 15:41 472840 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-12 10:37 . 2012-06-12 10:37 887888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-06-05 16:47 . 2012-07-11 20:58 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 16:47 . 2012-07-11 20:58 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:26 . 2012-07-11 20:58 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 22:19 . 2012-06-23 11:37 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-23 11:37 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-23 11:36 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-23 11:36 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-23 11:37 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-23 11:37 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-23 11:36 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-23 11:36 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-23 11:36 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 00:04 . 2012-07-11 20:58 278528 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 00:03 . 2012-07-11 20:58 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-05-31 10:25 . 2009-10-02 23:33 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-07-14 00:15 . 2012-08-26 19:50 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2008-09-22 17:16 . 2007-12-24 10:15 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-30 39408] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912] "MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-08 240992] "Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-05-20 296056] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] . c:\users\Bijou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"="" "FirewallOverride"="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46] . 2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46] . 2012-08-27 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-12-24 16:34] . 2012-08-27 c:\windows\Tasks\Uitgebreide garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-12-24 16:38] . 2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{0FBE96B4-EB3C-44EA-A55F-B8C24E08D3E7}.job - c:\windows\system32\msfeedssync.exe [2012-08-15 08:18] . 2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{3F4C6E0D-1F58-4A59-B5CF-C223289C3D9D}.job - c:\windows\system32\msfeedssync.exe [2012-08-15 08:18] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://www.tropal.net/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: vizzed.com\www TCP: DhcpNameServer = 213.46.228.196 62.179.104.196 DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game05.zylom.com/activex/zylomgamesplayer.cab DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab FF - ProfilePath - c:\users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q= FF - prefs.js: browser.startup.homepage - hxxp://nl.msn.com/ FF - prefs.js: network.proxy.http - 173.45.229.79 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.type - 0 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-27 18:46 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2012-08-27 18:48:10 ComboFix-quarantined-files.txt 2012-08-27 16:48 ComboFix2.txt 2012-08-27 13:42 ComboFix3.txt 2012-08-27 12:39 ComboFix4.txt 2012-08-26 21:31 . Pre-Run: 212.128.243.712 bytes beschikbaar Post-Run: 212.108.746.752 bytes beschikbaar . - - End Of File - - 29F1D6E550BBF3815EF221E1D37DF2AF en dit is het nieuwste logje van HijackThis ogfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:50:39, on 27-8-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19298) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\real\realplayer\Update\realsched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\conime.exe C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Users\Bijou\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = tropal.net R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O15 - Trusted Zone: Vizzed Board O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://domino-199.portfolio4u.nl/qp2.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} (CPlayFirstPetShopHopControl Object) - http://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing) O23 - Service: stllssvr - Unknown owner - C:\\Program Files\\Common Files\\SureThing Shared\\stllssvr.exe (file missing) -- End of file - 10955 bytes
  10. Hallo, ik heb sinds gister mystart incredibar op m'n computer en ik kom er maar niet vanaf. Ik heb al via instructies op dit forum het een en ander geprobeerd maar als ik een nieuw tabblad open in firefox heb ik weer die mystart zoekmachine pagina. dit is de laatste scan van HijackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:05:45, on 27-8-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19298) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\real\realplayer\Update\realsched.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\conime.exe C:\Windows\Explorer.exe C:\Windows\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Bijou\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = tropal.net R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Sonic INSTALLit! Setup.lnk = C:\Users\Bijou\AppData\Local\Temp\VIES4542\setup.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O15 - Trusted Zone: Vizzed Board O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://domino-199.portfolio4u.nl/qp2.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} (CPlayFirstPetShopHopControl Object) - http://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing) O23 - Service: stllssvr - Unknown owner - C:\\Program Files\\Common Files\\SureThing Shared\\stllssvr.exe (file missing) -- End of file - 11835 bytes en dit is het resultaat van combofix ComboFix 12-08-25.04 - Bijou 27-08-2012 15:30:55.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.1361 [GMT 2:00] Gestart vanuit: c:\users\Bijou\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Bijou\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "C:\user.js" . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))) . . 2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\Jan\AppData\Local\temp 2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\Gerda\AppData\Local\temp 2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-26 17:44 . 2012-08-26 17:44 -------- d-----w- c:\programdata\Premium 2012-08-26 17:43 . 2012-08-26 17:48 -------- d-----w- c:\programdata\InstallMate 2012-08-24 10:00 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABAC2417-8775-4BEE-B72C-ABA14E19144F}\mpengine.dll 2012-08-16 00:39 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-08-15 21:33 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll 2012-08-09 12:55 . 2012-08-26 17:50 758 ----a-w- C:\user.js 2012-08-09 12:54 . 2012-08-09 12:54 -------- d-----w- c:\users\Bijou\AppData\Roaming\Babylon 2012-08-09 12:54 . 2012-08-09 12:54 -------- d-----w- c:\programdata\Babylon 2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\programdata\Vizzed 2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\program files\Vizzed . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-21 09:13 . 2011-05-20 22:49 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-08-21 09:13 . 2008-04-03 10:03 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-08-21 09:13 . 2008-04-03 10:03 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-08-21 09:13 . 2008-04-03 10:03 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-08-21 09:13 . 2008-04-03 10:02 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-08-21 09:13 . 2008-04-03 10:03 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-08-21 09:12 . 2010-06-29 12:50 41224 ----a-w- c:\windows\avastSS.scr 2012-08-21 09:12 . 2008-04-03 10:02 227648 ----a-w- c:\windows\system32\aswBoot.exe 2012-07-09 17:44 . 2012-07-09 17:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-03 11:46 . 2012-06-13 14:20 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-21 10:25 . 2012-06-21 10:26 476936 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-06-21 10:25 . 2011-12-09 15:41 472840 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-12 10:37 . 2012-06-12 10:37 887888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-06-05 16:47 . 2012-07-11 20:58 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 16:47 . 2012-07-11 20:58 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:26 . 2012-07-11 20:58 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 22:19 . 2012-06-23 11:37 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-23 11:37 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-23 11:36 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-23 11:36 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-23 11:37 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-23 11:37 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-23 11:36 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-23 11:36 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 2012-06-23 11:36 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 00:04 . 2012-07-11 20:58 278528 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 00:03 . 2012-07-11 20:58 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-05-31 10:25 . 2009-10-02 23:33 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-07-14 00:15 . 2012-08-26 19:50 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2008-09-22 17:16 . 2007-12-24 10:15 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-30 39408] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912] "MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-08 240992] "Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-05-20 296056] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] . c:\users\Bijou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Sonic INSTALLit! Setup.lnk - c:\users\Bijou\AppData\Local\Temp\VIES4542\setup.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"="" "FirewallOverride"="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46] . 2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46] . 2012-08-27 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-12-24 16:34] . 2012-08-27 c:\windows\Tasks\Uitgebreide garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-12-24 16:38] . 2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{0FBE96B4-EB3C-44EA-A55F-B8C24E08D3E7}.job - c:\windows\system32\msfeedssync.exe [2012-08-15 08:18] . 2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{3F4C6E0D-1F58-4A59-B5CF-C223289C3D9D}.job - c:\windows\system32\msfeedssync.exe [2012-08-15 08:18] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://www.tropal.net/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: vizzed.com\www TCP: DhcpNameServer = 213.46.228.196 62.179.104.196 DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game05.zylom.com/activex/zylomgamesplayer.cab DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab FF - ProfilePath - c:\users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q= FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - hxxp://nl.msn.com/ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=90eddfbf000000000000001c25504218&tlver=1.6.4.6&instlRef=sst&babTrack&q= FF - prefs.js: network.proxy.http - 173.45.229.79 FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=111881&tt=3212_5 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q= FF - user.js: extensions.BabylonToolbar.id - 90eddfbf000000000000001c25504218 FF - user.js: extensions.BabylonToolbar.instlDay - 15561 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.614:55 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8DgWpuvo&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 90eddfbf000000000000001c25504218 FF - user.js: extensions.incredibar_i.instlDay - 15578 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1419:50 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8DgWpuvo FF - user.js: extensions.incredibar_i.upn2n - 92824948520846506 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10650 FF - user.js: extensions.incredibar_i.ppd - 169%5F3 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-27 15:40 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2012-08-27 15:42:49 ComboFix-quarantined-files.txt 2012-08-27 13:42 ComboFix2.txt 2012-08-27 12:39 ComboFix3.txt 2012-08-26 21:31 . Pre-Run: 211.919.118.336 bytes beschikbaar Post-Run: 211.907.969.024 bytes beschikbaar . - - End Of File - - 974F25AFC68B46523F3D9DCBDB7F3DF6 Kan iemand mij helpen?
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.