Bijou
-
Items
11 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Bijou
-
-
ik heb meerdere malen een zoekopdracht gestart op mystart en incredibar, aantal dingen nog verwijderd en NOG krijg ik die mystart pagina in firefox bij een nieuw tab en nog steeds kan ik dat veranderen maar als ik firefox opniew opstart is het er weer
-
is al weg neem ik aan - geen zoekresultaten.
-
# AdwCleaner v1.801 - Logfile created 08/29/2012 at 19:57:18
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)
# User : Bijou - PC_VAN_BIJOU
# Boot Mode : Normal
# Running from : C:\Users\Bijou\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\Bijou\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Bijou\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Bijou\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Bijou\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Jan\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Jan\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jan\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Jan\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Gerda\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\Conduit
Folder Deleted : C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\ConduitEngine
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files\Conduit
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
***** [internet Browsers] *****
-\\ Internet Explorer v8.0.6001.19298
[OK] Registry is clean.
-\\ Mozilla Firefox v15.0 (nl)
Profile name : default
File : C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\prefs.js
C:\Users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\user.js ... Deleted !
Deleted : user_pref("CT2365905.CTID", "CT2365905");
Deleted : user_pref("CT2365905.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2365905.EMailNotifierPollDate", "Tue Feb 02 2010 16:50:11 GMT+0100");
Deleted : user_pref("CT2365905.FeedLastCount128460900971181341", 166);
Deleted : user_pref("CT2365905.FeedPollDate128460898315556274", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CT2365905.FeedPollDate128460899415556929", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CT2365905.FeedPollDate128460899564463182", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CT2365905.FeedPollDate128460899661963361", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CT2365905.FeedPollDate128460899768994715", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CT2365905.FeedPollDate128479826070094154", "Tue Feb 02 2010 16:50:10 GMT+0100");
Deleted : user_pref("CT2365905.FeedTTL128460898315556274", 5);
Deleted : user_pref("CT2365905.FeedTTL128460899415556929", 20);
Deleted : user_pref("CT2365905.FeedTTL128460899564463182", 30);
Deleted : user_pref("CT2365905.FeedTTL128460899661963361", 15);
Deleted : user_pref("CT2365905.FirstTime", true);
Deleted : user_pref("CT2365905.FirstTimeFF3", true);
Deleted : user_pref("CT2365905.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2365905.Initialize", true);
Deleted : user_pref("CT2365905.InitializeCommonPrefs", true);
Deleted : user_pref("CT2365905.InstalledDate", "Tue Feb 02 2010 16:50:10 GMT+0100");
Deleted : user_pref("CT2365905.InvalidateCache", false);
Deleted : user_pref("CT2365905.IsGrouping", false);
Deleted : user_pref("CT2365905.IsMulticommunity", false);
Deleted : user_pref("CT2365905.IsOpenThankYouPage", true);
Deleted : user_pref("CT2365905.IsOpenUninstallPage", true);
Deleted : user_pref("CT2365905.LanguagePackLastCheckTime", "Tue Feb 02 2010 16:50:10 GMT+0100");
Deleted : user_pref("CT2365905.Locale", "en-us");
Deleted : user_pref("CT2365905.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2365905.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2365905.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2365905.RadioLastCheckTime", "Tue Feb 02 2010 16:50:11 GMT+0100");
Deleted : user_pref("CT2365905.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2365905.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2365905.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2365905.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT236[...]
Deleted : user_pref("CT2365905.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2365905.SettingsLastCheckTime", "Tue Feb 02 2010 16:50:06 GMT+0100");
Deleted : user_pref("CT2365905.SettingsLastUpdate", "1265116750");
Deleted : user_pref("CT2365905.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2365905.ThirdPartyComponentsLastCheck", "Tue Feb 02 2010 16:50:05 GMT+0100");
Deleted : user_pref("CT2365905.ThirdPartyComponentsLastUpdate", "1265116750");
Deleted : user_pref("CT2365905.WeatherNetwork", "");
Deleted : user_pref("CT2365905.WeatherPollDate", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CT2365905.WeatherUnit", "C");
Deleted : user_pref("CT2365905.alertChannelId", "760943");
Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2504091.CTID", "CT2504091");
Deleted : user_pref("CT2504091.CurrentServerDate", "1-8-2010");
Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Sun Aug 01 2010 21:24:36 GMT+0200");
Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 10);
Deleted : user_pref("CT2504091.FeedPollDate128891351169457132", "Sun Aug 01 2010 21:24:34 GMT+0200");
Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Sun Aug 01 2010 21:24:34 GMT+0200");
Deleted : user_pref("CT2504091.FeedTTL128891351169457132", 40);
Deleted : user_pref("CT2504091.FirstServerDate", "11-4-2010");
Deleted : user_pref("CT2504091.FirstTime", true);
Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2504091.Initialize", true);
Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Deleted : user_pref("CT2504091.InstalledDate", "Sun Apr 11 2010 12:06:49 GMT+0200");
Deleted : user_pref("CT2504091.IsGrouping", false);
Deleted : user_pref("CT2504091.IsMulticommunity", false);
Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Sun Aug 01 2010 21:24:37 GMT+0200");
Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2504091.LastLogin_2.5.8.6", "Sun Aug 01 2010 21:24:35 GMT+0200");
Deleted : user_pref("CT2504091.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2504091.Locale", "en-us");
Deleted : user_pref("CT2504091.LoginCache", 4);
Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2504091.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sun Aug 01 2010 21:24:34 GMT+0200");
Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Sun Aug 01 2010 21:24:34 GMT+0200");
Deleted : user_pref("CT2504091.SettingsLastUpdate", "1265745383");
Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sun Aug 01 2010 21:24:34 GMT+0200");
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1265745383");
Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2504091.UserID", "UN55622913330882520");
Deleted : user_pref("CT2504091.ValidationData_Toolbar", 1);
Deleted : user_pref("CT2504091.alertChannelId", "897164");
Deleted : user_pref("CT2504091.clientLogIsEnabled", true);
Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2504091.myStuffEnabled", true);
Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://flvdirect.iamwired.net/websearch.[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2365905,CT2504091,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2365905,CT2504091");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Feb 02 2010 16:50:09 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Feb 02 2010 16:50:06 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{95bb9ba9-96c1-4f6c-929a-ff9a06f77cdd}");
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Mar 26 2011 12:56:49 GMT+0100");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Mar 26 2011 12:56:39 GMT+0100");
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/26/2011 14");
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Sat Mar 26 2011 12:56:40 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Mar 26 2011 12:56:39 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Mar 26 2011 12:56:40 GMT+0100");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Mar 26 2011 12:56:38 GMT+0100");
Deleted : user_pref("ConduitEngine.Uninstall", true);
Deleted : user_pref("ConduitEngine.UserID", "UN41179696711756928");
Deleted : user_pref("ConduitEngine.engineLocale", "nl");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Mar 26 2011 12:56:39 GMT+0100");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Mar 26 2011 12:56:40 GMT+0100");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "");
Deleted : user_pref("extensions.BabylonToolbar.babext", "");
Deleted : user_pref("extensions.BabylonToolbar.babtrack", "");
Deleted : user_pref("extensions.BabylonToolbar.bbdpng", 0);
Deleted : user_pref("extensions.BabylonToolbar.cntry", "");
Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", "");
Deleted : user_pref("extensions.BabylonToolbar.envrmnt", "");
Deleted : user_pref("extensions.BabylonToolbar.firstrun", false);
Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "");
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.hrdid", "");
Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", true);
Deleted : user_pref("extensions.BabylonToolbar.keywordurl", "");
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Deleted : user_pref("extensions.BabylonToolbar.lastdp", 0);
Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", "");
Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar.newtab", "false");
Deleted : user_pref("extensions.BabylonToolbar.newtaburl", "");
Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", "");
Deleted : user_pref("extensions.BabylonToolbar.sg", "");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "");
Deleted : user_pref("extensions.BabylonToolbar.smplgrp", "");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "");
Deleted : user_pref("extensions.BabylonToolbar.srcext", "");
Deleted : user_pref("extensions.BabylonToolbar.srch", "");
Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "");
Deleted : user_pref("extensions.BabylonToolbar.vrsnts", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "");
Deleted : user_pref("extensions.incredibar.cntry", "");
Deleted : user_pref("extensions.incredibar.dfltLng", "");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.did", "");
Deleted : user_pref("extensions.incredibar.envrmnt", "");
Deleted : user_pref("extensions.incredibar.excTlbr", false);
Deleted : user_pref("extensions.incredibar.hdrMd5", "");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.id", "");
Deleted : user_pref("extensions.incredibar.installerproductid", "");
Deleted : user_pref("extensions.incredibar.instlDay", "");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.isDcmntCmplt", false);
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "");
Deleted : user_pref("extensions.incredibar.mntrvrsn", "");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "");
Deleted : user_pref("extensions.incredibar.productid", "");
Deleted : user_pref("extensions.incredibar.prtnrId", "");
Deleted : user_pref("extensions.incredibar.sg", "");
Deleted : user_pref("extensions.incredibar.smplGrp", "");
Deleted : user_pref("extensions.incredibar.tlbrId", "");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "");
Deleted : user_pref("extensions.incredibar.upn2", "");
Deleted : user_pref("extensions.incredibar.upn2n", "");
Deleted : user_pref("extensions.incredibar.vrsn", "");
Deleted : user_pref("extensions.incredibar.vrsnTs", "");
Deleted : user_pref("extensions.incredibar.vrsni", "");
Profile name : default
File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\ui18vpv2.default\prefs.js
[OK] File is clean.
Profile name : default
File : C:\Users\Gerda\AppData\Roaming\Mozilla\Firefox\Profiles\5swzus3g.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v21.0.1180.83
File : C:\Users\Bijou\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[s1].txt - [21023 octets] - [29/08/2012 19:57:18]
########## EOF - C:\AdwCleaner[s1].txt - [21152 octets] ##########
ik krijg nog steeds mystart.incredibar.com/mb139?a=6R8DgWpuvo&loc=FF_NT als ik een nieuw tab open in firefox wat ik weer kan wijzigen via about:config maar dan ook weer terug is zodra ik firefox herstart. De rest is weg - alleen dit nog.
-
dat heb ik gedaan. Ik krijg als ik bv zoek op incredibar een hele rits extensions.incredibar.nog iets, daarvan heb ik alle string waarden weggehaald (er staat ook boolean dat kan ik alleen van false naar true veranderen) - en die blijven dan ook weg - ook na opnieuw opstarten van firefox. alleen de browser.newtab.url geeft dan weer mystart aan. ook al heb ik daarvoor google of wat dan ook ingevoerd - zodra ik firefox herstart is het weer terug.
-
Hoe verwijder ik dat dan? Behalve rechts klikken en dan wissen wat er in het pop upje staat - want dat werkt niet. Telkens als ik de mystart url verander in iets anders voor de nieuwe tabs duurt dat maar zolang als firefox actief is. zodra ik het sluit en later weer start is het weer terug.
-
Het is toch nog niet helemaal weg. ik kan via about:config in firefox de website voor de tabs veranderen maar zodra ik de browser dan sluit (en later weer start) is die mystart pagina weer terug in de nieuwe tabs. ook zie ik in de lijst die ik krijg na about:config in te voeren nog mystart dingen staan. mystart, babylon, web assistant.
-
gelukt! bedankt voor de hulp!
-
ja, nog steeds die startpagina als ik een nieuw tab open in firefox.
-
Hij is niet opnieuw opgestart maar dit is de nieuwe log van combofix
ComboFix 12-08-25.04 - Bijou 27-08-2012 18:36:18.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.1876 [GMT 2:00]
Gestart vanuit: c:\users\Bijou\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Bijou\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\user.js"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Babylon
c:\programdata\InstallMate
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\_Setup.dll
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\_Setupx.dll
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\20120826194345.log
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\Setup.dat
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\Setup.exe
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\Setup.ico
c:\programdata\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\TsuDll.dll
c:\programdata\InstallMate\71064EA2\cfg\1.ini
c:\programdata\InstallMate\71064EA2\cfg\1_1.ini
c:\programdata\InstallMate\71064EA2\cfg\1_1_1.ini
c:\programdata\Premium
c:\users\Bijou\AppData\Roaming\Babylon
c:\users\Bijou\AppData\Roaming\Babylon\log_file.txt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-27 to 2012-08-27 ))))))))))))))))))))))))))))))
.
.
2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\Jan\AppData\Local\temp
2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\Gerda\AppData\Local\temp
2012-08-27 16:45 . 2012-08-27 16:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-24 10:00 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABAC2417-8775-4BEE-B72C-ABA14E19144F}\mpengine.dll
2012-08-16 00:39 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 21:33 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2012-08-09 12:55 . 2012-08-26 17:50 758 ----a-w- C:\user.js
2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\programdata\Vizzed
2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\program files\Vizzed
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:13 . 2011-05-20 22:49 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2008-04-03 10:03 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2008-04-03 10:03 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2008-04-03 10:03 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2008-04-03 10:02 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2008-04-03 10:03 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2010-06-29 12:50 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2008-04-03 10:02 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-09 17:44 . 2012-07-09 17:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 11:46 . 2012-06-13 14:20 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-21 10:25 . 2012-06-21 10:26 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-21 10:25 . 2011-12-09 15:41 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-12 10:37 . 2012-06-12 10:37 887888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 16:47 . 2012-07-11 20:58 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 16:47 . 2012-07-11 20:58 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:26 . 2012-07-11 20:58 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 22:19 . 2012-06-23 11:37 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 11:37 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 11:36 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 11:36 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-23 11:37 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-23 11:37 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-23 11:36 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 11:36 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-23 11:36 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 00:04 . 2012-07-11 20:58 278528 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 00:03 . 2012-07-11 20:58 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 10:25 . 2009-10-02 23:33 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-14 00:15 . 2012-08-26 19:50 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-09-22 17:16 . 2007-12-24 10:15 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-30 39408]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-08 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-05-20 296056]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Bijou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46]
.
2012-08-27 c:\windows\Tasks\Recovery DVD Creator.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-12-24 16:34]
.
2012-08-27 c:\windows\Tasks\Uitgebreide garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-12-24 16:38]
.
2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{0FBE96B4-EB3C-44EA-A55F-B8C24E08D3E7}.job
- c:\windows\system32\msfeedssync.exe [2012-08-15 08:18]
.
2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{3F4C6E0D-1F58-4A59-B5CF-C223289C3D9D}.job
- c:\windows\system32\msfeedssync.exe [2012-08-15 08:18]
.
.
------- Bijkomende Scan -------
.
mStart Page = hxxp://www.tropal.net/
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: vizzed.com\www
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game05.zylom.com/activex/zylomgamesplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab
FF - ProfilePath - c:\users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q=
FF - prefs.js: browser.startup.homepage - hxxp://nl.msn.com/
FF - prefs.js: network.proxy.http - 173.45.229.79
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-08-27 18:46
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
Voltooingstijd: 2012-08-27 18:48:10
ComboFix-quarantined-files.txt 2012-08-27 16:48
ComboFix2.txt 2012-08-27 13:42
ComboFix3.txt 2012-08-27 12:39
ComboFix4.txt 2012-08-26 21:31
.
Pre-Run: 212.128.243.712 bytes beschikbaar
Post-Run: 212.108.746.752 bytes beschikbaar
.
- - End Of File - - 29F1D6E550BBF3815EF221E1D37DF2AF
en dit is het nieuwste logje van HijackThis
ogfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:39, on 27-8-2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19298)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\Packard Bell\FIJI\AOSD.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\explorer.exe
C:\Users\Bijou\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = tropal.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O15 - Trusted Zone: Vizzed Board
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://domino-199.portfolio4u.nl/qp2.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} (CPlayFirstPetShopHopControl Object) - http://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\\Program Files\\Common Files\\SureThing Shared\\stllssvr.exe (file missing)
--
End of file - 10955 bytes
-
Hallo, ik heb sinds gister mystart incredibar op m'n computer en ik kom er maar niet vanaf. Ik heb al via instructies op dit forum het een en ander geprobeerd maar als ik een nieuw tabblad open in firefox heb ik weer die mystart zoekmachine pagina.
dit is de laatste scan van HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:05:45, on 27-8-2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19298)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Packard Bell\FIJI\ABoard.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Packard Bell\FIJI\AOSD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Bijou\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = tropal.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (file missing)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Sonic INSTALLit! Setup.lnk = C:\Users\Bijou\AppData\Local\Temp\VIES4542\setup.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O15 - Trusted Zone: Vizzed Board
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://domino-199.portfolio4u.nl/qp2.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} (CPlayFirstPetShopHopControl Object) - http://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - Unknown owner - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\\Program Files\\Common Files\\SureThing Shared\\stllssvr.exe (file missing)
--
End of file - 11835 bytes
en dit is het resultaat van combofix
ComboFix 12-08-25.04 - Bijou 27-08-2012 15:30:55.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.1361 [GMT 2:00]
Gestart vanuit: c:\users\Bijou\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Bijou\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\user.js"
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-27 to 2012-08-27 ))))))))))))))))))))))))))))))
.
.
2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\Jan\AppData\Local\temp
2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\Gerda\AppData\Local\temp
2012-08-27 13:40 . 2012-08-27 13:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-26 17:44 . 2012-08-26 17:44 -------- d-----w- c:\programdata\Premium
2012-08-26 17:43 . 2012-08-26 17:48 -------- d-----w- c:\programdata\InstallMate
2012-08-24 10:00 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABAC2417-8775-4BEE-B72C-ABA14E19144F}\mpengine.dll
2012-08-16 00:39 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 21:33 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2012-08-09 12:55 . 2012-08-26 17:50 758 ----a-w- C:\user.js
2012-08-09 12:54 . 2012-08-09 12:54 -------- d-----w- c:\users\Bijou\AppData\Roaming\Babylon
2012-08-09 12:54 . 2012-08-09 12:54 -------- d-----w- c:\programdata\Babylon
2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\programdata\Vizzed
2012-08-05 20:26 . 2012-08-05 20:26 -------- d-----w- c:\program files\Vizzed
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:13 . 2011-05-20 22:49 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2008-04-03 10:03 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2008-04-03 10:03 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2008-04-03 10:03 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2008-04-03 10:02 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2008-04-03 10:03 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2010-06-29 12:50 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2008-04-03 10:02 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-09 17:44 . 2012-07-09 17:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-03 11:46 . 2012-06-13 14:20 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-21 10:25 . 2012-06-21 10:26 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-21 10:25 . 2011-12-09 15:41 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-12 10:37 . 2012-06-12 10:37 887888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 16:47 . 2012-07-11 20:58 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 16:47 . 2012-07-11 20:58 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:26 . 2012-07-11 20:58 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 22:19 . 2012-06-23 11:37 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 11:37 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 11:36 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 11:36 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-23 11:37 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-23 11:37 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-23 11:36 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 11:36 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-23 11:36 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 00:04 . 2012-07-11 20:58 278528 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 00:03 . 2012-07-11 20:58 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 10:25 . 2009-10-02 23:33 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-14 00:15 . 2012-08-26 19:50 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-09-22 17:16 . 2007-12-24 10:15 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-30 39408]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-08 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-05-20 296056]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Bijou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Sonic INSTALLit! Setup.lnk - c:\users\Bijou\AppData\Local\Temp\VIES4542\setup.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 15:46]
.
2012-08-27 c:\windows\Tasks\Recovery DVD Creator.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-12-24 16:34]
.
2012-08-27 c:\windows\Tasks\Uitgebreide garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-12-24 16:38]
.
2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{0FBE96B4-EB3C-44EA-A55F-B8C24E08D3E7}.job
- c:\windows\system32\msfeedssync.exe [2012-08-15 08:18]
.
2012-08-27 c:\windows\Tasks\User_Feed_Synchronization-{3F4C6E0D-1F58-4A59-B5CF-C223289C3D9D}.job
- c:\windows\system32\msfeedssync.exe [2012-08-15 08:18]
.
.
------- Bijkomende Scan -------
.
mStart Page = hxxp://www.tropal.net/
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: vizzed.com\www
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://www.shockwave.com/content/doggiedash/sis/DoggieDash.1.0.0.6.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game05.zylom.com/activex/zylomgamesplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://www.shockwave.com/content/petshophop/sis/petshophopweb.1.0.0.17.cab
FF - ProfilePath - c:\users\Bijou\AppData\Roaming\Mozilla\Firefox\Profiles\re5nm11e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q=
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://nl.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=90eddfbf000000000000001c25504218&tlver=1.6.4.6&instlRef=sst&babTrack&q=
FF - prefs.js: network.proxy.http - 173.45.229.79
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=111881&tt=3212_5
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 90eddfbf000000000000001c25504218
FF - user.js: extensions.BabylonToolbar.instlDay - 15561
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.614:55
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8DgWpuvo&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 90eddfbf000000000000001c25504218
FF - user.js: extensions.incredibar_i.instlDay - 15578
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1419:50
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8DgWpuvo
FF - user.js: extensions.incredibar_i.upn2n - 92824948520846506
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10650
FF - user.js: extensions.incredibar_i.ppd - 169%5F3
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-08-27 15:40
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
Voltooingstijd: 2012-08-27 15:42:49
ComboFix-quarantined-files.txt 2012-08-27 13:42
ComboFix2.txt 2012-08-27 12:39
ComboFix3.txt 2012-08-26 21:31
.
Pre-Run: 211.919.118.336 bytes beschikbaar
Post-Run: 211.907.969.024 bytes beschikbaar
.
- - End Of File - - 974F25AFC68B46523F3D9DCBDB7F3DF6
Kan iemand mij helpen?
mystart incredibar
in Archief Bestrijding malware & virussen
Geplaatst:
gelukt! probleem opgelost - nogmaals bedankt!