linda123
-
Items
8 -
Registratiedatum
-
Laatst bezocht
linda123's prestaties
-
Ik heb dankzij jou gelukkig geen last meer van de pop ups, heel erg bedankt nog voor je hulp ermee. Groetjes Linda
-
ComboFix 12-11-02.02 - Eigenaar 02-11-2012 17:19:29.2.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3071.2156 [GMT 1:00] Gestart vanuit: c:\users\Eigenaar\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Eigenaar\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-02 to 2012-11-02 )))))))))))))))))))))))))))))) . . 2012-11-02 16:27 . 2012-11-02 16:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-11-02 16:27 . 2012-11-02 16:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-02 16:17 . 2012-11-02 16:17 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{90602FF0-91DE-41D0-A73A-754BE595BC6B}\MpKsl92b4f87d.sys 2012-11-02 16:15 . 2012-11-02 16:15 -------- d-----w- c:\windows\nl 2012-11-02 16:14 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2012-11-02 16:14 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll 2012-11-02 16:14 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2012-11-02 16:14 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2012-11-02 16:13 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2012-11-02 16:13 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2012-11-01 09:17 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{90602FF0-91DE-41D0-A73A-754BE595BC6B}\mpengine.dll 2012-10-31 13:17 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-31 13:07 . 2012-11-02 16:27 -------- d-----w- c:\users\Eigenaar\AppData\Local\temp 2012-10-27 14:44 . 2012-10-27 14:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-27 14:44 . 2012-09-29 17:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-20 02:17 . 2012-09-27 04:42 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{024B978F-208F-4981-839C-404C86E62FBE}\gapaengine.dll 2012-10-17 04:40 . 2012-10-27 14:56 -------- d-----w- c:\windows\Sun 2012-10-17 04:28 . 2012-10-17 04:28 -------- d-----w- c:\program files\Common Files\Adobe 2012-10-17 04:26 . 2012-10-17 04:26 -------- d-----w- c:\program files\Common Files\Adobe AIR 2012-10-12 08:50 . 2012-10-12 08:50 -------- d-----w- c:\program files\Common Files\Simple Adblock 2012-10-09 21:01 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll 2012-10-09 21:01 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-10-09 21:01 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-20 08:49 . 2012-04-06 02:06 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-20 08:49 . 2011-05-18 04:32 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-27 04:42 . 2011-03-25 20:20 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-09-12 15:07 . 2012-09-12 15:07 58368 ----a-w- c:\windows\system32\sirenacm.dll 2012-09-12 14:57 . 2012-09-12 14:57 322048 ----a-w- c:\windows\WLXPGSS.SCR 2012-09-01 09:03 . 2012-09-01 09:03 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-01 09:03 . 2012-07-03 10:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-09-01 09:03 . 2011-07-06 15:17 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 20:03 . 2010-10-24 20:25 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-24 06:59 . 2012-09-22 16:25 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 06:51 . 2012-09-22 16:25 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 06:51 . 2012-09-22 16:25 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 06:47 . 2012-09-22 16:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 06:47 . 2012-09-22 16:25 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 06:43 . 2012-09-22 16:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-22 17:16 . 2012-09-12 01:04 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 17:16 . 2012-09-12 01:04 712048 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 17:16 . 2012-09-12 01:04 240496 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 17:16 . 2012-09-12 01:04 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 20:12 . 2012-09-25 19:16 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-08-14 18:07 . 2012-08-14 18:07 63344640 ----a-w- c:\users\Eigenaar\AppData\Roaming\Bjhyhz.exe 2012-08-12 14:04 . 2012-08-12 14:04 1565859 ----a-w- c:\windows\Fishdom H2O - Hidden Odyssey Uninstaller.exe 2012-10-27 21:30 . 2012-10-27 21:29 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-17 3077528] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-17 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792] "ExpressFiles"="c:\program files\ExpressFiles\ExpressFiles.exe" [2012-01-02 326776] "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-03 767312] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2567272] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe" /c "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "MSC"="c:\program files\Microsoft Security Client\msseces.exe" -hide -runkey "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW . R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x] R4 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x] R4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x] R4 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x] S1 MpKsl92b4f87d;MpKsl92b4f87d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{90602FF0-91DE-41D0-A73A-754BE595BC6B}\MpKsl92b4f87d.sys [x] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSL92B4F87D . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map . 2012-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 08:49] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-09-17 10:29] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-09-17 10:29] . 2012-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253276374-3521184392-2154863504-1000Core.job - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 14:53] . 2012-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253276374-3521184392-2154863504-1000UA.job - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 14:53] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\dejzt0t6.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF - prefs.js: network.proxy.type - 0 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-11-02 17:29:25 ComboFix-quarantined-files.txt 2012-11-02 16:29 ComboFix2.txt 2012-10-31 13:13 . Pre-Run: 440.153.432.064 bytes beschikbaar Post-Run: 440.160.845.824 bytes beschikbaar . - - End Of File - - 79A398D5708A80E702F831F88F371FB9
-
ComboFix 12-10-31.03 - Eigenaar 31-10-2012 14:00:23.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3071.2101 [GMT 1:00] Gestart vanuit: c:\users\Eigenaar\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\100 c:\users\Eigenaar\AppData\Roaming\mIRC\logs\status.log . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-31 )))))))))))))))))))))))))))))) . . 2012-10-31 13:07 . 2012-10-31 13:09 -------- d-----w- c:\users\Eigenaar\AppData\Local\temp 2012-10-31 13:07 . 2012-10-31 13:07 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-31 08:37 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2761B58A-D06B-481F-B159-16A070819403}\mpengine.dll 2012-10-30 06:24 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-27 14:44 . 2012-10-27 14:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-27 14:44 . 2012-09-29 17:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-20 02:17 . 2012-09-27 04:42 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{024B978F-208F-4981-839C-404C86E62FBE}\gapaengine.dll 2012-10-17 04:40 . 2012-10-27 14:56 -------- d-----w- c:\windows\Sun 2012-10-17 04:28 . 2012-10-17 04:28 -------- d-----w- c:\program files\Common Files\Adobe 2012-10-17 04:26 . 2012-10-17 04:26 -------- d-----w- c:\program files\Common Files\Adobe AIR 2012-10-12 08:50 . 2012-10-12 08:50 -------- d-----w- c:\program files\Common Files\Simple Adblock 2012-10-09 21:01 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll 2012-10-09 21:01 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-10-09 21:01 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-20 08:49 . 2012-04-06 02:06 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-20 08:49 . 2011-05-18 04:32 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-27 04:42 . 2011-03-25 20:20 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-09-01 09:03 . 2012-09-01 09:03 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-01 09:03 . 2012-07-03 10:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-09-01 09:03 . 2011-07-06 15:17 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 20:03 . 2010-10-24 20:25 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-24 06:59 . 2012-09-22 16:25 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 06:51 . 2012-09-22 16:25 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 06:51 . 2012-09-22 16:25 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 06:47 . 2012-09-22 16:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 06:47 . 2012-09-22 16:25 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 06:43 . 2012-09-22 16:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-22 17:16 . 2012-09-12 01:04 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 17:16 . 2012-09-12 01:04 712048 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 17:16 . 2012-09-12 01:04 240496 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 17:16 . 2012-09-12 01:04 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 20:12 . 2012-09-25 19:16 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-08-14 18:07 . 2012-08-14 18:07 63344640 ----a-w- c:\users\Eigenaar\AppData\Roaming\Bjhyhz.exe 2012-08-12 14:04 . 2012-08-12 14:04 1565859 ----a-w- c:\windows\Fishdom H2O - Hidden Odyssey Uninstaller.exe 2012-08-02 16:57 . 2012-09-12 01:04 490496 ----a-w- c:\windows\system32\d3d10level9.dll 2012-10-27 21:30 . 2012-10-27 21:29 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26A7CA19-7D58-411D-B2DA-F1B0324CBFFC}] 2012-09-12 09:59 1624576 ----a-w- c:\program files\Gamers Unite! Snag Bar\Toolbar.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d2ab2732-a124-4fb2-8da5-4a6a9e379331}] 2010-06-13 17:10 2734688 ----a-w- c:\program files\Messenger_Plus_Live_Netherlands\tbMess.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{d2ab2732-a124-4fb2-8da5-4a6a9e379331}"= "c:\program files\Messenger_Plus_Live_Netherlands\tbMess.dll" [2010-06-13 2734688] "{25515A79-C1C7-4B97-97F8-31A711694487}"= "c:\program files\Gamers Unite! Snag Bar\Toolbar.dll" [2012-09-12 1624576] . [HKEY_CLASSES_ROOT\clsid\{d2ab2732-a124-4fb2-8da5-4a6a9e379331}] . [HKEY_CLASSES_ROOT\clsid\{25515a79-c1c7-4b97-97f8-31a711694487}] [HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{017D1380-106D-43D5-97DC-81E8A527FD73}] [HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D2AB2732-A124-4FB2-8DA5-4A6A9E379331}"= "c:\program files\Messenger_Plus_Live_Netherlands\tbMess.dll" [2010-06-13 2734688] "{25515A79-C1C7-4B97-97F8-31A711694487}"= "c:\program files\Gamers Unite! Snag Bar\Toolbar.dll" [2012-09-12 1624576] . [HKEY_CLASSES_ROOT\clsid\{d2ab2732-a124-4fb2-8da5-4a6a9e379331}] . [HKEY_CLASSES_ROOT\clsid\{25515a79-c1c7-4b97-97f8-31a711694487}] [HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{017D1380-106D-43D5-97DC-81E8A527FD73}] [HKEY_CLASSES_ROOT\FCTB000062781.IEToolbar] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-17 3077528] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-17 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792] "ExpressFiles"="c:\program files\ExpressFiles\ExpressFiles.exe" [2012-01-02 326776] "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896] "Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-03 767312] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2567272] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe" /c "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "MSC"="c:\program files\Microsoft Security Client\msseces.exe" -hide -runkey "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW . R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x] R4 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x] R4 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x] R4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x] R4 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x] S1 MpKsl03c3cdf1;MpKsl03c3cdf1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2761B58A-D06B-481F-B159-16A070819403}\MpKsl03c3cdf1.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhoud van de 'Gedeelde Taken' map . 2012-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 08:49] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-09-17 10:29] . 2012-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-09-17 10:29] . 2012-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253276374-3521184392-2154863504-1000Core.job - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 14:53] . 2012-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253276374-3521184392-2154863504-1000UA.job - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 14:53] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\dejzt0t6.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843458&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.BabylonToolbar_i.id - 9abd55490000000000000015af18c97d FF - user.js: extensions.BabylonToolbar_i.hardId - 9abd55490000000000000015af18c97d FF - user.js: extensions.BabylonToolbar_i.instlDay - 15391 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111304&tt=120812_bandext_3312_7 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q= FF - user.js: extensions.BabylonToolbar.id - 9abd55490000000000000015af18c97d FF - user.js: extensions.BabylonToolbar.instlDay - 15565 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.621:09 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{38542454-DFB6-44F5-B052-D4E071A3D073} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe c:\windows\system32\taskhost.exe c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Voltooingstijd: 2012-10-31 14:13:20 - machine werd herstart ComboFix-quarantined-files.txt 2012-10-31 13:13 . Pre-Run: 440.202.752.000 bytes beschikbaar Post-Run: 440.184.442.880 bytes beschikbaar . - - End Of File - - 88E685706FC2EA38AC617F22B9DC735C Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:15:45, on 31-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Windows\Explorer.exe C:\Users\Eigenaar\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll O3 - Toolbar: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- End of file - 9902 bytes
-
Ik heb nu al een tijdje geen popups meer gehad kun je mss uitleggen waarvoor combofix is?
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:59:32, on 27-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Eigenaar\Downloads\HijackThis.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll O3 - Toolbar: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- End of file - 10628 bytes
-
Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.10.27.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Eigenaar :: EIGENAAR-PC [administrator] 27-10-2012 16:46:11 mbam-log-2012-10-27 (16-46-11).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 220853 Verstreken tijd: 5 minuut/minuten, 45 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 14 HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 7 C:\ProgramData\TheBflix (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\data (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\BROWSERCOMPANION (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\bin (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\bin\1.0.11.0 (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\data (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 14 C:\Users\Eigenaar\Documents\wincln.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\bdmkmnjlliodibplcplaffjdiempemfo.crx (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\bhoclass.dll (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\BROWSERCOMPANION\BLABBERS-FF-FULL.XPI (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\BROWSERCOMPANION\blabbers-ch.crx (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\bin\1.0.11.0\copyright.txt (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSA.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSAau.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Eigenaar\Local Settings\Application Data\RavenBleuSA\data\RavenBleuSA_kyf.dat (Adware.Hotbar.RB) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:26:15, on 26-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Eigenaar\Documents\wincln.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACVA94FE\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll R3 - URLSearchHook: (no name) - {38542454-dfb6-44f5-b052-d4e071a3d073} - (no file) R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: FCTBPos00Pos - {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll O3 - Toolbar: Messenger Plus Live Netherlands Toolbar - {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - C:\Program Files\Messenger_Plus_Live_Netherlands\tbMess.dll O3 - Toolbar: Gamers Unite! Snag Bar - {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files\Gamers Unite! Snag Bar\Toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [bjhyhz] C:\Users\Eigenaar\AppData\Roaming\Bjhyhz.exe O4 - HKCU\..\Run: [idle32] C:\Users\Eigenaar\Documents\wincln.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- End of file - 12344 bytes
-
Hoi IK heb sins een tijdje steeds last van popups die uit het niks opkomen deze komen alleen via internet exploier zelfs als ik deze niet gebruik ik heb Microsoft security als anti virtus en verder CCleaner ik heb een aantal van de links gekopiert die steeds opkomen maar het zijn heel veel verschilende hoop dat iemand weet hoe ik deze popups voorgoed kan verwijdere en het liefs zonder van alles te moeten downloaden (1) Neue Chat-Anfrage von Els http://1stnewsliner.com/limits/alarm-lacks-list_point.php Sex.nl Golden 7 Online Casino & Online Poker Room - 888.com bet-at-home.com 5 Free, Spin to Win, 1,000,000
