JohnNe
-
Items
10 -
Registratiedatum
-
Laatst bezocht
JohnNe's prestaties
-
Zo, nu weer terug naar mijn eigen probleem wat zich nog steeds voordoet. Traag afsluiten van Windows XP. Ondertussen aan de gang geweest met Adwcleaner, waarvan hier de log, gevolgd door een nieuwe HJT log # AdwCleaner v2.301 - Verslag gemaakt op 31/05/2013 om 21:42:19 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : Gebruiker - CP254803-B # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\Gebruiker\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\p2pigxma.default\searchplugins\Conduit.xml File Verwijdert : C:\END Map Verwijdert : C:\Documents and Settings\Gebruiker\Application Data\PriceGong Map Verwijdert : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Conduit Map Verwijdert : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\midicair Map Verwijdert : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Vuze_Remote Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\midicair Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Vuze_Remote Map Verwijdert : C:\Program Files\midicair Map Verwijdert : C:\Program Files\Vuze_Remote ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\Babylon Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com Sleutel Verwijdert : HKCU\Software\midicair Sleutel Verwijdert : HKCU\Software\PriceGong Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Vuze_Remote Sleutel Verwijdert : HKCU\Software\YahooPartnerToolbar Sleutel Verwijdert : HKCU\Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Conduit.Engine Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\imweb.imwebcontrol Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2795622 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\ImInstaller Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{797F795F-1BC9-4BC6-8EF1-CFB65EF63055} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{892A7010-9122-4A6C-B738-8995BD5FD2BD} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB2FCAB0-61C9-4EF0-831D-225F620A9DC6} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDBDD75A-E5B9-4356-9BD4-2C740548675F} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\midicair Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CB0C157-F9B1-4B0B-AE43-8217B2B2AA44} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CBD1100B-B71C-45C3-8AAD-A5BC88F529A4} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Sleutel Verwijdert : HKLM\Software\midicair Sleutel Verwijdert : HKLM\Software\Vuze_Remote Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77F8C945-4B74-4BD6-A073-E0D1997EDCE8}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}] ***** [browsers] ***** -\\ Internet Explorer v7.0.6000.21335 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v20.0.1 (nl) File : C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\p2pigxma.default\prefs.js Verwijdert : user_pref("browser.search.defaultthis.engineName", "midicair Customized Web Search"); Verwijdert : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795622&Sea[...] Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2795622&SearchSource=13"); File : C:\Documents and Settings\Gast\Application Data\Mozilla\Firefox\Profiles\cm78j8pv.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v26.0.1410.64 File : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [7266 octets] - [31/05/2013 21:42:19] ########## EOF - C:\AdwCleaner[s1].txt - [7326 octets] ########## Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:54:03, on 31-5-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21335) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Nvoy.exe C:\Norman\Ngs\Bin\Nnf.exe C:\Norman\Ngs\Bin\Nprosec.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Norman\Nvc\bin\nhs.exe C:\Norman\Npt\Bin\Npsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Synology Data Replicator 3\SynoDrService.exe C:\Norman\Npm\Bin\ZLH.EXE C:\Program Files\QuickTime\QTTask.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Norman\Npm\Bin\zlhh.exe C:\Program Files\iPod\bin\iPodService.exe C:\Norman\Npm\Bin\scheduler.exe C:\Norman\Npm\Bin\Njeeves.exe C:\Norman\nig\bin\nigsvc32.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\WINDOWS\System32\svchost.exe C:\Norman\nig\bin\niguser.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Norman\Nvc\Bin\cclaw.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\cidaemon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158968875312 O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9aff6e53552e4) (gupdate1c9aff6e53552e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Intrusion Guard (NIG) - Norman AS - C:\Norman\nig\bin\nigsvc32.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Privacy Service (npsvc32) - Norman AS - C:\Norman\Npt\Bin\Npsvc32.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Norman\Npm\Bin\Nvcsched.exe (file missing) O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Norman\Npm\Bin\Nvoy.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Norman\Npm\Bin\scheduler.exe O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe -- End of file - 10757 bytes - - - Updated - - - P.s., Ik zou graag messenger eraf hebben. Na vorige week staat dat er ineens weer op, ook in de opstart. Mijn kids gebruikten dat, maar ik dus niet en ook nooit gedaan. Heb ook geen hotmail
-
Dank Kape voor alle hulp. De PC is nog steeds traag maar wel een stuk sneller. Hoe traag die was, was niet normaal. Je kon gerust tussendoor gaan ontbijten nadat de pc was aangezet. Ik ben nu thuis, dus niet bij mijn pa maar ben met een gerust hart weggegaan. Nogmaals dank voor de hulp, niet in de laatste plaats namens mijn pa.
-
Het heeft even geduurd maar hier is de log van combofix: ComboFix 13-05-30.02 - Fishy 30-05-2013 21:17:32.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.894.106 [GMT 2:00] Gestart vanuit: c:\users\Fishy\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Fishy\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif c:\users\Fishy\AppData\Roaming\Microsoft\Windows\Recent\Fortis Bank - Particulier.url c:\users\Fishy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool c:\windows\Fonts\ARIALNI.TTF c:\windows\IsUn0413.exe F:\setup.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2013-04-28 to 2013-05-30 )))))))))))))))))))))))))))))) . . 2013-05-30 19:30 . 2013-05-30 19:30 -------- d-----w- c:\users\Fishy\AppData\Local\temp 2013-05-30 19:30 . 2013-05-30 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-30 18:06 . 2013-05-30 18:06 150 ----a-w- c:\windows\DeleteOnReboot.bat 2013-05-28 16:08 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61221479-9C25-4E1B-8FDF-99E3DE458C6E}\mpengine.dll 2013-05-15 19:48 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-15 17:44 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-15 17:44 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll 2013-05-15 17:43 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-05-08 01:12 . 2013-05-08 01:12 106088 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2013-05-02 17:51 . 2013-05-02 17:51 -------- d-----w- c:\users\Fishy\AppData\Roaming\Malwarebytes 2013-05-02 17:51 . 2013-05-02 17:51 -------- d-----w- c:\programdata\Malwarebytes 2013-05-02 17:51 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-05-02 17:51 . 2013-05-02 17:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-05-02 17:41 . 2013-05-09 08:59 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-02 17:41 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-02 17:20 . 2013-05-02 17:20 -------- d-----w- c:\users\Fishy\AppData\Local\Macromedia 2013-05-02 17:10 . 2013-05-15 19:16 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-15 19:16 . 2011-07-20 10:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-09 08:59 . 2011-07-01 11:25 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-09 08:59 . 2008-04-08 14:30 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-09 08:59 . 2007-07-27 16:06 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-09 08:59 . 2007-07-27 16:06 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2013-05-09 08:59 . 2007-07-27 16:05 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-09 08:59 . 2008-04-08 14:30 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-09 08:58 . 2011-01-18 11:39 41664 ----a-w- c:\windows\avastSS.scr 2013-05-09 08:58 . 2007-07-27 16:05 229648 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-08 10:16 . 2009-08-18 09:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-02 00:06 . 2009-10-03 08:26 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-03-30 10:19 . 2013-03-30 10:19 161792 ----a-w- c:\windows\system32\msls31.dll 2013-03-30 10:19 . 2013-03-30 10:19 86528 ----a-w- c:\windows\system32\iesysprep.dll 2013-03-30 10:19 . 2013-03-30 10:19 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-03-30 10:19 . 2013-03-30 10:19 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-03-30 10:19 . 2013-03-30 10:19 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-03-30 10:19 . 2013-03-30 10:19 63488 ----a-w- c:\windows\system32\tdc.ocx 2013-03-30 10:19 . 2013-03-30 10:19 367104 ----a-w- c:\windows\system32\html.iec 2013-03-30 10:19 . 2013-03-30 10:19 74752 ----a-w- c:\windows\system32\iesetup.dll 2013-03-30 10:19 . 2013-03-30 10:19 23552 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-30 10:19 . 2013-03-30 10:19 152064 ----a-w- c:\windows\system32\wextract.exe 2013-03-30 10:19 . 2013-03-30 10:19 150528 ----a-w- c:\windows\system32\iexpress.exe 2013-03-30 10:19 . 2013-03-30 10:19 35840 ----a-w- c:\windows\system32\imgutil.dll 2013-03-30 10:19 . 2013-03-30 10:19 11776 ----a-w- c:\windows\system32\mshta.exe 2013-03-30 10:19 . 2013-03-30 10:19 101888 ----a-w- c:\windows\system32\admparse.dll 2013-03-30 10:19 . 2013-03-30 10:19 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-03-11 13:25 . 2013-04-12 11:03 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-11 13:25 . 2013-04-12 11:03 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-09 03:45 . 2013-04-12 11:03 49152 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-09 01:28 . 2013-04-12 11:03 64000 ----a-w- c:\windows\system32\smss.exe 2013-03-08 03:53 . 2013-04-12 11:02 376320 ----a-w- c:\windows\system32\winsrv.dll 2013-03-08 03:52 . 2013-04-12 11:02 2067968 ----a-w- c:\windows\system32\mstscax.dll 2013-03-03 19:07 . 2013-04-26 16:58 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk backup=c:\windows\pss\Google Updater.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup backupExtension=.CommonStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2013-05-08 21:20 41056 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5] 2013-05-09 08:58 4858968 ----a-w- c:\program files\Alwil Software\Avast5\AvastUI.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.1] 2005-09-27 00:18 1073152 ----a-w- c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2011-01-12 11:21 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv] 2006-09-28 13:42 65536 ----a-w- c:\hp\support\hpsysdrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] 2005-02-02 15:44 61440 ----a-w- c:\hp\KBD\kbd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS] 2010-05-07 17:35 165208 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2006-11-09 10:57 3784704 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-05-30 18:58 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-02 19:16] . 2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-29 14:25] . 2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-29 14:25] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop uSearchURL,(Default) = hxxp://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\users\Fishy\AppData\Roaming\Mozilla\Firefox\Profiles\5o1jp3nh.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.nl FF - ExtSQL: !HIDDEN! 2010-12-13 15:15; smartwebprinting@hp.com; c:\program files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS VERWIJDERD - - - - . MSConfigStartUp-Badoo Desktop - c:\programdata\Badoo\Badoo Desktop\1.6.30.1025\Badoo.Desktop.exe MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe MSConfigStartUp-Google Update - c:\users\Fishy\AppData\Local\Google\Update\GoogleUpdate.exe MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe MSConfigStartUp-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-05-30 21:30 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . Voltooingstijd: 2013-05-30 21:35:20 ComboFix-quarantined-files.txt 2013-05-30 19:35 . Pre-Run: 46.161.477.632 bytes beschikbaar Post-Run: 46.809.858.048 bytes beschikbaar . - - End Of File - - E3488FB8F2A3A005E43EFDAC6DAB106D
-
Nee, niet echt. Het is een drama, mijn pa kan bijna niks meer doen en erger me groen en geel. Alleen klikken of wisselen van venster is enorm traag. Ook opstarten van prg's is hopeloos. - - - Updated - - - Ik ga nog eens een keer helemaal opstarten, een koude reboot
-
HIERBIJ DE TWEE LOG FILES: # AdwCleaner v2.301 - Verslag gemaakt op 30/05/2013 om 20:05:54 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruiker : Fishy - PC_THUIS # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Fishy\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** Gestopt & Verwijdert : MyWebSearchService ***** [Files / Mappen] ***** File Verwijdert : C:\END File Verwijdert : C:\Program Files\Mozilla FireFox\Components\AskSearch.js File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Verwijdert : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml File Verwijdert : C:\Users\Fishy\AppData\Roaming\Mozilla\Firefox\Profiles\5o1jp3nh.default\searchplugins\Search_Results.xml Map Verwijdert : C:\Program Files\Babylon Map Verwijdert : C:\Program Files\FunWebProducts Map Verwijdert : C:\Program Files\MacroGaming Map Verwijdert : C:\Program Files\MyWebSearch Map Verwijdert : C:\ProgramData\Babylon Map Verwijdert : C:\ProgramData\boost_interprocess Map Verwijdert : C:\Users\Fishy\AppData\Local\Babylon Map Verwijdert : C:\Users\Fishy\AppData\Local\PackageAware Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\BabylonToolbar Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\FunWebProducts Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\Media Access Startup Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\MyWebSearch Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\searchresultstb Map Verwijdert : C:\Users\Fishy\AppData\Roaming\Babylon Verwijdert bij het opstarten : C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN DTX Sleutel Verwijdert : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Fun Web Products Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\FunWebProducts Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\MyWebSearch Sleutel Verwijdert : HKCU\Software\DataMngr Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B939CF93-F2CB-443D-956C-DC523D85C9DB} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B939CF93-F2CB-443D-956C-DC523D85C9DB} Sleutel Verwijdert : HKCU\Software\MyWebSearch Sleutel Verwijdert : HKCU\Software\YahooPartnerToolbar Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\FocusInteractive Sleutel Verwijdert : HKLM\Software\Fun Web Products Sleutel Verwijdert : HKLM\Software\FunWebProducts Sleutel Verwijdert : HKLM\Software\ImInstaller Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a9ccac19bcc08a084ebaa69c5a70744c Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Sleutel Verwijdert : HKLM\Software\MyWebSearch Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16483 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v21.0 (nl) File : C:\Users\Fishy\AppData\Roaming\Mozilla\Firefox\Profiles\5o1jp3nh.default\prefs.js Verwijdert : user_pref("browser.search.defaultenginename", "Search Results"); Verwijdert : user_pref("browser.search.order.1", "Search Results"); Verwijdert : user_pref("browser.search.selectedEngine", "Search Results"); Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Verwijdert : user_pref("extensions.BabylonToolbar.babTrack", "affID=101241"); Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 2); Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Verwijdert : user_pref("extensions.BabylonToolbar.dfltSrch", true); Verwijdert : user_pref("extensions.BabylonToolbar.hmpg", true); Verwijdert : user_pref("extensions.BabylonToolbar.id", "343e7729000000000000001a73087cdb"); Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15282"); Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Verwijdert : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={search[...] Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 2); Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1015:32:36"); Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "19.0"); Verwijdert : user_pref("extensions.BabylonToolbar.newTab", true); Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP"); Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 106074983); Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 1); Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Verwijdert : user_pref("extensions.BabylonToolbar.ptch_0717", true); Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "azb"); Verwijdert : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Verwijdert : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1015:32:36"); Verwijdert : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=20&systemid=2&apn_dt[...] -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\Fishy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [19367 octets] - [30/05/2013 20:05:54] ########## EOF - C:\AdwCleaner[s1].txt - [19428 octets] ######### En de log HJT Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 20:19:27, on 30-5-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16483) FIREFOX: 21.0 (nl) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Fishy\Downloads\HijackThis.exe C:\Windows\System32\wsqmcons.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 8045 bytes
-
Hallo allen, ik zit hier bij mijn pa van 80 jaren. Hij geniet van de pc maar dat ding is niet te starten. Ik hoop dat jullie hem kunnen helpen. Hieronder een logje, zojuist gemaakt. Wat kan er allemaal van af ?? Alvast zeer veel dank Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 19:26:31, on 30-5-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16483) FIREFOX: 21.0 (nl) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Fishy\Downloads\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Search-Results Toolbar - {15a0413e-9f45-4d45-9a75-2c20b15b5b51} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\BROWSE~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar: Search-Results Toolbar - {15a0413e-9f45-4d45-9a75-2c20b15b5b51} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\DATAMN~1.EXE O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 8743 bytes
-
Alvast bedankt voor de hulp. Ik om hier later nog op terug, heb nog geen tijd gehad om er verder mee te gaan. Vergeten ben ik het zekers niet.
-
Helaas....... PC sluit nog immer traag af. Blijft wel een minuut of 5 "hangen" in het blauwe XP scherm "Windows wordt afgesloten". Ben nu wel af van een hoop rommel, dat is ook fijn. Iemand nog een tip ? Alvast dank.
-
wow, dat is een snelle reactie zeg. Dank U kape. Ik hoefde niet opnieuw op te starten volgens Malware, maar dar ga ik natuurlijk wel doen. Ben reuze benieuwd naar het resultaat. Ik laat het nog even weten. Nu hier mijn logjes: Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.05.26.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 Gebruiker :: CP254803-B [administrator] 26-5-2013 21:14:35 mbam-log-2013-05-26 (21-14-35).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 238958 Verstreken tijd: 11 minuut/minuten, 13 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A75E294E-C047-4D29-B07E-37B792881BEF} (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) en de volgende log. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:30:43, on 26-5-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21335) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Nvoy.exe C:\Norman\Ngs\Bin\Nnf.exe C:\Norman\Ngs\Bin\Nprosec.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Norman\Nvc\bin\nhs.exe C:\Norman\Npt\Bin\Npsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Synology Data Replicator 3\SynoDrService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Norman\Npm\Bin\ZLH.EXE C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Norman\Npm\Bin\zlhh.exe C:\Program Files\iPod\bin\iPodService.exe C:\Norman\Npm\Bin\scheduler.exe C:\Norman\Npm\Bin\Njeeves.exe C:\Norman\nig\bin\nigsvc32.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\WINDOWS\System32\svchost.exe C:\Norman\nig\bin\niguser.exe C:\Program Files\Outlook Express\msimn.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\Bin\cclaw.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Jacquie Lawson Circus.lnk = C:\Program Files\Jacquie Lawson Circus\Jacquie Lawson Circus.exe O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158968875312 O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9aff6e53552e4) (gupdate1c9aff6e53552e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Intrusion Guard (NIG) - Norman AS - C:\Norman\nig\bin\nigsvc32.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Privacy Service (npsvc32) - Norman AS - C:\Norman\Npt\Bin\Npsvc32.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Norman\Npm\Bin\Nvcsched.exe (file missing) O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Norman\Npm\Bin\Nvoy.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Norman\Npm\Bin\scheduler.exe O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe -- End of file - 11022 bytes
-
Hallo allemaal. Net nieuw op het forum en meteen een vraag om kundige hulp. Maar ja, da's hoe de meesten hier geraken denk ik Mijn PC sluit erg traag af. Is nog niet zolang een paar weken misschien. Ik heb geen idee waardoor dit wordt veroorzaakt. Misschien kunnen jullie mij helpen waarvoor alvast mijn dank. Om maar meteen van start te gaan, hier mijn logje. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:23:05, on 26-5-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21335) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Nvoy.exe C:\Norman\Ngs\Bin\Nnf.exe C:\Norman\Ngs\Bin\Nprosec.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Norman\Nvc\bin\nhs.exe C:\Norman\Npm\Bin\ZLH.EXE C:\Norman\Npt\Bin\Npsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Synology Data Replicator 3\SynoDrService.exe C:\Norman\Npm\Bin\zlhh.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\iPod\bin\iPodService.exe C:\Norman\Npm\Bin\Njeeves.exe C:\Norman\Npm\Bin\scheduler.exe C:\Norman\nig\bin\nigsvc32.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\WINDOWS\System32\svchost.exe C:\Norman\nig\bin\niguser.exe C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\Bin\cclaw.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: midicair Toolbar - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - C:\Program Files\midicair\prxtbmid0.dll O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - c:\program files\shareaza\razawebhook32.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: midicair - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - C:\Program Files\midicair\prxtbmid0.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: midicair Toolbar - {77f8c945-4b74-4bd6-a073-e0d1997edce8} - C:\Program Files\midicair\prxtbmid0.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Jacquie Lawson Circus.lnk = C:\Program Files\Jacquie Lawson Circus\Jacquie Lawson Circus.exe O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158968875312 O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c9aff6e53552e4) (gupdate1c9aff6e53552e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Intrusion Guard (NIG) - Norman AS - C:\Norman\nig\bin\nigsvc32.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Privacy Service (npsvc32) - Norman AS - C:\Norman\Npt\Bin\Npsvc32.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Norman\Npm\Bin\Nvcsched.exe (file missing) O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Norman\Npm\Bin\Nvoy.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Norman\Npm\Bin\scheduler.exe O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
