Ga naar inhoud

petervanderweide

Lid
  • Items

    5
  • Registratiedatum

  • Laatst bezocht

petervanderweide's prestaties

  1. dat klopt, ik had het zelf nog niet door omdat ik zo bezig was met instructies opvolgen dat ik vergat te kijken op firefox. dank voor alle inspanningen ook aan de andere helpers. topklasse !!!! peter
  2. Shortcut Cleaner 1.2.2 by Lawrence Abrams (Grinler) Bleeping Computer - Technical Support and Computer Help Copyright 2008-2013 BleepingComputer.com More Information about Shortcut Cleaner can be found at this link: Shortcut Cleaner Download Windows Version: Windows 7 Home Premium Service Pack 1 Program started at: 03/31/2013 11:48:08 PM. Scanning for registry hijacks: * HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs "Tabs" hijacked to 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! Backup Registry file created at: D:\Users\Desktop\sc-cleaner\sc-cleaner-03-31-2013-11-48-08.reg Searching for Hijacked Shortcuts: Searching C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\ Searching C:\ProgramData\Microsoft\Windows\Start Menu\ Searching C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Searching C:\Users\Public\Desktop\ Searching D:\Users\Desktop 0 bad shortcuts found. Program finished at: 03/31/2013 11:48:08 PM Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s) Zoek.exe Version 4.0.0.2 Updated 30-03-2013 Tool run by Gebruiker on zo 31-03-2013 at 23:34:11,45. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\6xcgcps1.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\6xcgcps1.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-03-28 15:11:49 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-03-28 09:18:37 FF20F67DD5644BD1D2E7FCD95AF7F03B 158024 ----a-w- C:\Windows\Sysnative\drivers\ssadserd.sys 2013-03-28 09:18:37 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Windows\Sysnative\drivers\ssadcmnt.sys 2013-03-28 09:18:37 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Windows\Sysnative\drivers\ssadcm.sys 2013-03-28 09:18:37 D6CFD3B2EABCF9327DE39C62BABFA1E3 21320 ----a-w- C:\Windows\Sysnative\drivers\ssadmdfl.sys 2013-03-28 09:18:37 5EB01E6148742C3EC2185AC92F6D16FD 188232 ----a-w- C:\Windows\Sysnative\drivers\ssadmdm.sys 2013-03-28 09:18:37 52D6F40B50ECFC051979FEC68E74F0F8 169288 ----a-w- C:\Windows\Sysnative\drivers\ssadbus.sys 2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\Sysnative\drivers\ssadwhnt.sys 2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\Sysnative\drivers\ssadwh.sys 2013-03-26 19:21:16 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys ====== C:\Windows\Tasks ====== 2013-03-24 10:09:34 2125C3D53BD6884A99302B6C000FED3B 518 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d430fb90-fe50-4a7a-9072-3c3637e8abcf.job 2013-03-24 10:09:33 081CEF60C8491DA2E752C70512856E2B 518 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9edbe015-1ba0-46bd-9070-08f507739446.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-03-24 09:59:49 -------- d-----w- C:\Program Files\Enigma Software Group ======= C:\Program Files (x86) ===== 2013-03-24 21:01:47 -------- d-----w- C:\Program Files (x86)\Trend Micro 2013-03-24 09:59:03 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-03-20 15:09:06 -------- d-----w- C:\Program Files (x86)\Common Files\Skype 2013-03-17 20:59:12 -------- d-----w- C:\Program Files (x86)\Mozilla Thunderbird ======= C: ===== 2013-03-31 21:28:33 0F3E09223BC56DBEBAF1F6ABD800D2AF 2334 ----a-w- C:\sc-cleaner.txt 2013-03-31 12:03:38 4EF83A9EEDE5FB2AC22A3F551D161106 6801 ----a-w- C:\AdwCleaner[s1].txt 2013-03-31 11:58:29 201F9C318893A415B04BA984BBC44707 9057 ----a-w- C:\AdwCleaner[R1].txt 2013-03-24 10:00:04 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\Gebruiker\AppData\Roaming ====== 2013-03-31 20:48:38 -------- d-----w- C:\users\Gebruiker\AppData\Local\Temp 2013-03-30 17:26:21 18B8B312973D3B066027B556FA318AC1 38465 ----a-w- C:\users\Gebruiker\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (DOS).ADR 2013-03-30 16:38:05 33695573F41B46AEC70B5591E64F4C3C 38448 ----a-w- C:\users\Gebruiker\AppData\Roaming\Door tabs gescheiden waarden (Windows).ADR 2013-03-28 15:11:28 -------- d-----w- C:\users\Gebruiker\AppData\Local\Programs ====== C:\Users\Gebruiker ====== ====== C: exe-files == 2013-03-30 08:08:35 A996A3FCBD1DD86F908A6304120B3FE6 7548744 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgmfapx.exe 2013-03-30 08:08:35 9F96249A7823C7C2B9E0B6D46A77CAE6 15920 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrdtestx.exe 2013-03-30 08:08:35 7DDB04EFCA15BEE73286D67270894303 44080 ----a-w- C:\ProgramData\MFAData\SelfUpd\avguirux.exe 2013-03-30 08:08:34 69D812B395637F8FCFEA7C7CC1660AE1 628272 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpx.exe 2013-03-30 08:08:32 AD6D792FA7A34A5E742ABAE1BE0DECBB 2940496 ----a-w- C:\ProgramData\MFAData\SelfUpd\safeguard.exe 2013-03-30 08:08:32 A207399E698B1AE761300218A5C6C997 189560 ----a-w- C:\ProgramData\MFAData\SelfUpd\fixcfg.exe 2013-03-30 08:08:32 6CDB170214F110345D3DE78D0C189963 408344 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgwsc.exe 2013-03-30 08:08:31 6B72E1E329C4E98C6B6FDD2D265E3BA3 196664 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgwdsvc.exe 2013-03-30 08:08:29 E7A82AA20C6AAC418A7ABFFAB5049149 326264 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgndisa.exe 2013-03-30 08:08:29 DC83C9F4130F447EAD187879708C8035 952952 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrsa.exe 2013-03-30 08:08:29 BC24870D220DD11CB6E2BD4189F33B43 433272 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmax.exe 2013-03-30 08:08:29 B809B20913A473AA204F85FB5BB33DDB 410744 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgscana.exe 2013-03-30 08:08:29 A91E381471BEAD831335D253377D94E3 349304 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgscanx.exe 2013-03-30 08:08:29 9DADF1A809ECEC86F04BDE35190D59FE 3147384 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgui.exe 2013-03-30 08:08:29 88898DBB395E15F084C57533615C4BA6 16504 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrdtesta.exe 2013-03-30 08:08:29 4D1BE3536D17A1B3862BC998D1834A26 510072 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmaa.exe 2013-03-30 08:08:29 2FC6C98A23864B2E50E53B4848939EAF 1354360 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgnsa.exe 2013-03-30 08:08:29 16ED62929808C759270D9720BDAE6135 796792 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpa.exe 2013-03-30 08:08:29 12003A9A3EFAD99FEC9EEA9B4021444B 2764384 ----a-w- C:\ProgramData\MFAData\SelfUpd\AVGTBInstall.exe 2013-03-30 08:08:28 FF0602E28D69B977F889D435F902545E 952440 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgemca.exe 2013-03-30 08:08:28 DE35D659575C700BA4E8E912671EA4BA 2763896 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdiagex.exe 2013-03-30 08:08:28 DB34611AFB2647628D215BB215095181 649848 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcmgr.exe 2013-03-30 08:08:28 CF433BC29D4089D264F24A1ED371941D 531576 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrva.exe 2013-03-30 08:08:28 BB6F4582FB8D7A2B934E50DC5FBE7ABB 4658296 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcrema.exe 2013-03-30 08:08:28 B2247A6EC9B84C9D50A6571EF7CD6221 825976 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpa.exe 2013-03-30 08:08:28 AFA4960B02E3A9A972B9D7FC03AFCE29 622200 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpx.exe 2013-03-30 08:08:28 99997FA9056ACB38AA388BDA134CEF6E 440440 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrvx.exe 2013-03-30 08:08:28 8FE9D01FA51260A9B5373D46E86D4F9D 329848 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcfgex.exe 2013-03-30 08:08:28 4AFC14AFA58878FAA1D249E7E90EA54B 5814904 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgidsagent.exe 2013-03-29 11:50:24 3EB7FAB7C02C427DE97CB0387CDE1BAF 602480 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe 2013-03-28 09:32:42 2D6168D8010C7B6DB1DCBF42B0113056 602480 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe === C: other files == 2013-03-31 20:30:19 EF4119DCE26EF8B1EB4A3C8B91EEE598 767734 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\7919a65a-8c47-47d3-bc11-c593afbc482a.zip 2013-03-31 19:50:01 1A366843249759A9701129387BD6D95A 44758 ----a-w- C:\Users\Public\Desktop\sample_31-03-2013_2149.zip 2013-03-30 08:42:21 A024E6A14F2DB7B937B54D19F7297E1F 1394398 ----a-w- C:\Program Files (x86)\AVG\AVG2013\banners\banners.zip 2013-03-28 15:11:49 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-28 09:18:51 F1D8F6471BD4E5C82E05A61CB2BD8A5E 203544 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssuddmgr.sys 2013-03-28 09:18:51 E07BB90071FA944038B0CF3FC050E485 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudobex.sys 2013-03-28 09:18:51 C8BE6ED9243AD3979FE951A5CAE3A43F 203544 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudobex.sys 2013-03-28 09:18:51 B4C983DA20E2970E21893BF0E4EE2AD8 203544 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys 2013-03-28 09:18:51 9247D13A2E698BD21A3C5DBDB888D60A 39192 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudeadb.sys 2013-03-28 09:18:51 6D82CB78DE57A073E95431F3486B1B27 181784 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys 2013-03-28 09:18:51 649705E3DAE598BC0F957BACBF9A2BD5 83864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudbus.sys 2013-03-28 09:18:51 609380EF89848478E8142E99112B8ADF 203544 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudserd.sys 2013-03-28 09:18:51 5EB966307B86B4EC5887BCE5B9FA0D0D 80664 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudrmnetmp.sys 2013-03-28 09:18:51 5E9A7EB8BDCB3EA53E7C928468CF620F 45336 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudnd5.sys 2013-03-28 09:18:51 5DF217459915F45AFED54451C2115389 92952 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudrmnetmp.sys 2013-03-28 09:18:51 5D8662BA2EC14E912E6627815BAB5435 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssuddmgr.sys 2013-03-28 09:18:51 5A66CCA2AC05AB34E81FC858028A2580 67864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudrmnet.sys 2013-03-28 09:18:51 4865C6087813D7E75E806974EEAB9863 59160 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudrmnet.sys 2013-03-28 09:18:51 41AC348DBD378F618CB4FDEE54270692 102936 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys 2013-03-28 09:18:51 4041AE4CDB45B3C77C325118DFB22615 33176 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudeadb.sys 2013-03-28 09:18:51 373DA4FCFD4737C9227D8A4EDD5D7BC6 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudserd.sys 2013-03-28 09:18:51 0D915778E852534F1630536D68A5B6F5 50968 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudnd5.sys 2013-03-28 09:18:37 FF20F67DD5644BD1D2E7FCD95AF7F03B 158024 ----a-w- C:\Windows\System32\drivers\ssadserd.sys 2013-03-28 09:18:37 FF20F67DD5644BD1D2E7FCD95AF7F03B 158024 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadserd.sys 2013-03-28 09:18:37 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Windows\System32\drivers\ssadcmnt.sys 2013-03-28 09:18:37 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Windows\System32\drivers\ssadcm.sys 2013-03-28 09:18:37 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadcmnt.sys 2013-03-28 09:18:37 D6CFD3B2EABCF9327DE39C62BABFA1E3 21320 ----a-w- C:\Windows\System32\drivers\ssadmdfl.sys 2013-03-28 09:18:37 D6CFD3B2EABCF9327DE39C62BABFA1E3 21320 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdfl.sys 2013-03-28 09:18:37 BB6EDB0257860083193CC1581AC7D485 136904 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadbus.sys 2013-03-28 09:18:37 9EFD9F42795C9E90206C1E9A9B25E8D3 130248 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadserd.sys 2013-03-28 09:18:37 88BBDA3D977429C6DAB0991EC5339A19 15304 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadwhnt.sys 2013-03-28 09:18:37 5EB01E6148742C3EC2185AC92F6D16FD 188232 ----a-w- C:\Windows\System32\drivers\ssadmdm.sys 2013-03-28 09:18:37 5EB01E6148742C3EC2185AC92F6D16FD 188232 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadmdm.sys 2013-03-28 09:18:37 5BCB68F7B62159C07789D3F405750623 17864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdfl.sys 2013-03-28 09:18:37 52D6F40B50ECFC051979FEC68E74F0F8 169288 ----a-w- C:\Windows\System32\drivers\ssadbus.sys 2013-03-28 09:18:37 52D6F40B50ECFC051979FEC68E74F0F8 169288 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadbus.sys 2013-03-28 09:18:37 3CF7A4350C9646D92F147D620EC0D363 38080 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadadb.sys 2013-03-28 09:18:37 370168F1FD1CEF45DA470A44439426CA 15560 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadcmnt.sys 2013-03-28 09:18:37 2F8616646215EEDB28C2E40994DB8E38 32064 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadadb.sys 2013-03-28 09:18:37 1588A89F9CD9E68DE9FCC9F60FDB5C08 153672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\i386\ssadmdm.sys 2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\System32\drivers\ssadwhnt.sys 2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\System32\drivers\ssadwh.sys 2013-03-28 09:18:37 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\16_Shrewsbury\amd64\ssadwhnt.sys 2013-03-28 09:18:31 FA03D4C16F2F7ACD43E6317767764E0C 169288 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscebus.sys 2013-03-28 09:18:31 F45937AB7F170570DC40F7A00F65AAF9 16768 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscecm95.sys 2013-03-28 09:18:31 EB5818115562D45A66E23C85C90E9442 158024 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\ssceserd.sys 2013-03-28 09:18:31 D72A342711D3CB977BE9F2605EE853B5 13184 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscewh95.sys 2013-03-28 09:18:31 9428B5CA620EBB466BF82C834AD90285 10624 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscecr.sys 2013-03-28 09:18:31 82E42B6977C614CC9D036723D410A1DF 153672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscemdm.sys 2013-03-28 09:18:31 7E7493BBEE5468BB34C9E019A06F5310 15304 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscewhnt.sys 2013-03-28 09:18:31 718442270A7719652DF0BDD5A85B3B46 15560 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscecmnt.sys 2013-03-28 09:18:31 625A76BFBB915F7AE8141A4165F41E88 130376 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\ssceserd.sys 2013-03-28 09:18:31 5D00795AD1BBD618A0CF993E979E0143 17224 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscecmnt.sys 2013-03-28 09:18:31 50C23ED603E5DF8A7CF1D56DDEF31A15 21320 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscemdfl.sys 2013-03-28 09:18:31 33B11FF28DF39D086E3D80ACC0F87D90 136904 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscebus.sys 2013-03-28 09:18:31 2697A4F6BA959FDD45249C9DE1D725E8 17736 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscewhnt.sys 2013-03-28 09:18:31 2635EB2E07E7389977E1F87B2570E655 17864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\i386\sscemdfl.sys 2013-03-28 09:18:31 1F48814204F6B2C03687A1675772E899 188232 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\04_semseyite\amd64\sscemdm.sys 2013-03-28 09:18:27 DF11D259C10C9D0DFCCBA1093C5DB1BD 169288 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdbus.sys 2013-03-28 09:18:27 BF6F31B9F5A98400DFB42CDB2C6537E1 130248 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdserd.sys 2013-03-28 09:18:27 96E20FE523F992F96CCA23B2437F5CC7 15304 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdwhnt.sys 2013-03-28 09:18:27 68820F9A67F0D170A6842094EBDCD924 17864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdfl.sys 2013-03-28 09:18:27 6166669C3BC2624EA479A482AE663E21 17736 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdwhnt.sys 2013-03-28 09:18:27 3EF9386DC95BF2AE60D08367E5E4E785 21320 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdfl.sys 2013-03-28 09:18:27 187C98B48C70400C7CE5F11EC2BB9214 17224 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdcmnt.sys 2013-03-28 09:18:27 1381D76044350F327539E47B67367992 158024 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdserd.sys 2013-03-28 09:18:27 0A3B7562002C50F208FCCDEB7380B57B 153672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdmdm.sys 2013-03-28 09:18:27 00D2AA893C662A9EB9B779F6CA2B0DFB 188232 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\amd64\sscdmdm.sys 2013-03-28 09:18:26 E6CE6348A4F6E06925548F62527F0F99 136776 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdbus.sys 2013-03-28 09:18:26 8F40A62436A05A8963391DFB1D9F2876 15560 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\03_Swallowtail\i386\sscdcmnt.sys 2013-03-26 19:21:16 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3296328746-1987701534-2720084352-1000\Software\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "AirVideoServer"="C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Yontoo Desktop"="C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Aimersoft Helper Compact.exe"="C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "AirVideoServer"="C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Yontoo Desktop"="C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16-03-2013 00:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22-11-2012 10:46] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22-11-2012 10:46] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 9edbe015-1ba0-46bd-9070-08f507739446.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [04-05-2011 19:52] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d430fb90-fe50-4a7a-9072-3c3637e8abcf.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [04-05-2011 19:52] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\6xcgcps1.default 4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default 47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash 2616B4D6D04F18C579B7861F02B0B592 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.130.20 4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== Google Docs - Gebruiker - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Gebruiker - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Delta Toolbar - Gebruiker - Default\Extensions\gnnabbonolmdccgncgckdfikehphiknc AVG Safe Search - Gebruiker - Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla AVG Do Not Track - Gebruiker - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Gmail - Gebruiker - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={35707DFB-0699-49AE-81ED-DB7B863D3E4A}&mid=8e9a7141a55b47d0b91cc593afbc482a-7d669b3300abb1cc213ad9a6e21d14f10d2b9384〈=nl&ds=AVG&pr=fr&d=2013-01-19" {9BDA8FE9-D368-48D5-8910-A85041D89A97} Bing Url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox" ==== Reset Google Chrome ====================== Nothing found to reset ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Users\Public\Desktop\AVG 2013.lnk - C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Users\Public\Desktop\Google Earth.lnk - C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Users\Public\Desktop\Skype.lnk - C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk - ==== shortcuts in Users Start Menu ====================== C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2013.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\calibre - E-book management.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\E-book viewer.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\LRF viewer.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Agenda.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactgegevens.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-mail.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Fotostream.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zoek mijn iPhone.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk - ==== shortcuts in Quick Launch ====================== C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.samsungsetup.com O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\986pwd84.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully
  3. # AdwCleaner v1.606 - Logfile created 03/31/2013 at 14:03:38 # Updated 10/05/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Gebruiker - DESKTOPPETER # Running from : D:\Users\Desktop\AdwCleaner_1.606_En.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Gebruiker\AppData\Local\Smartbar Folder Deleted : C:\Users\GEBRUI~1\AppData\Local\Temp\BabylonToolbar Folder Deleted : C:\Users\GEBRUI~1\AppData\Local\Temp\Smartbar Folder Deleted : C:\Users\Gebruiker\AppData\LocalLow\Smartbar Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\Babylon Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\extensions\helperbar@helperbar.com Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\extensions\plugin@yontoo.com Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Tarma Installer File Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\searchplugins\Askcom.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** Key Deleted : HKCU\Software\Smartbar Key Deleted : HKCU\Software\SmartbarBackup Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc [x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} [x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} [x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} [x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v19.0.2 (nl) Profile name : default File : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\prefs.js C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\986pwd84.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Deleted : user_pref("browser.search.selectedEngine", "Web Search"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true); -\\ Google Chrome v [unable to get version] File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. -\\ Opera v12.1.1532.0 File : C:\Users\Gebruiker\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [9057 octets] - [31/03/2013 13:58:29] AdwCleaner[s1].txt - [6688 octets] - [31/03/2013 14:03:38] ########## EOF - C:\AdwCleaner[s1].txt - [6816 octets] ##########
  4. hallo allereerst bedankt voor al je moeite. het lukt me nog niet om 22 find te verwijderen de eerste 3 regels die ik zou moeten verwijderen stonden er niet bij. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = hierbij de gegevens Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.03.28.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: DESKTOPPETER [administrator] Bescherming: Ingeschakeld 28-3-2013 16:12:51 mbam-log-2013-03-28 (16-12-51).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 238588 Verstreken tijd: 3 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 1 HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Slecht: (22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!) Goed: (Google) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 5 C:\Users\Gebruiker\AppData\Roaming\__mnfact__ (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__ (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__\ImageEditor (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__\ImageEditor\History (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\__mnfact__\__product__\ImageEditor\History\1794 (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 2 C:\Users\Gebruiker\AppData\Local\Temp\22find_mlv.exe (Adware.ChinAd) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Local\Temp\blabbers-ff-le.xpi (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.03.28.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: DESKTOPPETER [administrator] Bescherming: Ingeschakeld 28-3-2013 16:26:07 mbam-log-2013-03-28 (16-26-07).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 238083 Verstreken tijd: 3 minuut/minuten, 48 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.03.29.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: DESKTOPPETER [administrator] Bescherming: Ingeschakeld 29-3-2013 14:14:49 mbam-log-2013-03-29 (14-14-49).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 238762 Verstreken tijd: 2 minuut/minuten, 40 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.03.29.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: DESKTOPPETER [administrator] Bescherming: Ingeschakeld 29-3-2013 14:14:49 mbam-log-2013-03-29 (14-14-49).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 238762 Verstreken tijd: 2 minuut/minuten, 40 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) 2013/03/29 10:30:54 +0100 DESKTOPPETER Gebruiker MESSAGE Starting protection 2013/03/29 10:30:54 +0100 DESKTOPPETER Gebruiker MESSAGE Protection started successfully 2013/03/29 10:30:54 +0100 DESKTOPPETER Gebruiker MESSAGE Starting IP protection 2013/03/29 10:31:00 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection started successfully 2013/03/29 10:33:11 +0100 DESKTOPPETER Gebruiker MESSAGE Executing scheduled update: Daily 2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE Scheduled update executed successfully: database updated from version v2013.03.28.08 to version v2013.03.29.02 2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE Starting database refresh 2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE Stopping IP protection 2013/03/29 10:33:17 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection stopped successfully 2013/03/29 10:33:19 +0100 DESKTOPPETER Gebruiker MESSAGE Database refreshed successfully 2013/03/29 10:33:19 +0100 DESKTOPPETER Gebruiker MESSAGE Starting IP protection 2013/03/29 10:33:22 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection started successfully 2013/03/29 14:14:39 +0100 DESKTOPPETER Gebruiker MESSAGE Starting database refresh 2013/03/29 14:14:39 +0100 DESKTOPPETER Gebruiker MESSAGE Stopping IP protection 2013/03/29 14:14:39 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection stopped successfully 2013/03/29 14:14:41 +0100 DESKTOPPETER Gebruiker MESSAGE Database refreshed successfully 2013/03/29 14:14:41 +0100 DESKTOPPETER Gebruiker MESSAGE Starting IP protection 2013/03/29 14:14:44 +0100 DESKTOPPETER Gebruiker MESSAGE IP Protection started successfully Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:12:48, on 29-3-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe D:\Users\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NL&userid=3af604dc-eab3-4f63-b776-dc99f094f52e&searchtype=ds&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.samsungsetup.com O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14206 bytes groet en petersucces
  5. hallo firefox start op met snap do wat ik denk te hebben verwijderd met Hijackthis. nu start Firefox op met 22 find tapak portal onderstaand het logbestand na het scannen. kan iemand mij helpen? peter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:32:21, on 24-3-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Gebruiker\AppData\Local\Smartbar\Application\SnapDo.exe startup O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.samsungsetup.com O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13901 bytes
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.