JohnNe

31 mei 2013

Zo, nu weer terug naar mijn eigen probleem wat zich nog steeds voordoet. Traag afsluiten van Windows XP.

Ondertussen aan de gang geweest met Adwcleaner, waarvan hier de log, gevolgd door een nieuwe HJT log

# AdwCleaner v2.301 - Verslag gemaakt op 31/05/2013 om 21:42:19

# Geactualiseerd op 16/05/2013 door Xplode

# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)

# Gebruiker : Gebruiker - CP254803-B

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Documents and Settings\Gebruiker\Bureaublad\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijdert : C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\p2pigxma.default\searchplugins\Conduit.xml

File Verwijdert : C:\END

Map Verwijdert : C:\Documents and Settings\Gebruiker\Application Data\PriceGong

Map Verwijdert : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Conduit

Map Verwijdert : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\midicair

Map Verwijdert : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Vuze_Remote

Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\midicair

Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Vuze_Remote

Map Verwijdert : C:\Program Files\midicair

Map Verwijdert : C:\Program Files\Vuze_Remote

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\Babylon

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Sleutel Verwijdert : HKCU\Software\midicair

Sleutel Verwijdert : HKCU\Software\PriceGong

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKCU\Software\Vuze_Remote

Sleutel Verwijdert : HKCU\Software\YahooPartnerToolbar

Sleutel Verwijdert : HKCU\Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Conduit.Engine

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2795622

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\Software\ImInstaller

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{797F795F-1BC9-4BC6-8EF1-CFB65EF63055}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{892A7010-9122-4A6C-B738-8995BD5FD2BD}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB2FCAB0-61C9-4EF0-831D-225F620A9DC6}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDBDD75A-E5B9-4356-9BD4-2C740548675F}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\midicair Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CB0C157-F9B1-4B0B-AE43-8217B2B2AA44}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CBD1100B-B71C-45C3-8AAD-A5BC88F529A4}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Sleutel Verwijdert : HKLM\Software\midicair

Sleutel Verwijdert : HKLM\Software\Vuze_Remote

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{77F8C945-4B74-4BD6-A073-E0D1997EDCE8}]

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

***** [browsers] *****

-\\ Internet Explorer v7.0.6000.21335

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v20.0.1 (nl)

File : C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\p2pigxma.default\prefs.js

Verwijdert : user_pref("browser.search.defaultthis.engineName", "midicair Customized Web Search");

Verwijdert : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2795622&Sea[...]

Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2795622&SearchSource=13");

File : C:\Documents and Settings\Gast\Application Data\Mozilla\Firefox\Profiles\cm78j8pv.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [7266 octets] - [31/05/2013 21:42:19]

########## EOF - C:\AdwCleaner[s1].txt - [7326 octets] ##########

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:54:03, on 31-5-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.21335)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Norman\Npm\bin\ELOGSVC.EXE

C:\Norman\Npm\Bin\Nvoy.exe

C:\Norman\Ngs\Bin\Nnf.exe

C:\Norman\Ngs\Bin\Nprosec.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\WINDOWS\System32\svchost.exe

C:\Norman\Npm\Bin\Zanda.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Norman\Nvc\bin\nhs.exe

C:\Norman\Npt\Bin\Npsvc32.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\Program Files\Synology Data Replicator 3\SynoDrService.exe

C:\Norman\Npm\Bin\ZLH.EXE

C:\Program Files\QuickTime\QTTask.exe

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Norman\Npm\Bin\zlhh.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Norman\Npm\Bin\scheduler.exe

C:\Norman\Npm\Bin\Njeeves.exe

C:\Norman\nig\bin\nigsvc32.exe

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\WINDOWS\System32\svchost.exe

C:\Norman\nig\bin\niguser.exe

C:\Norman\Nvc\bin\nvcoas.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Norman\Nvc\Bin\cclaw.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\cidaemon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SAA.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\norman\ngs\bin\nlf.dll

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158968875312

O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Norman\Npm\bin\ELOGSVC.EXE

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate1c9aff6e53552e4) (gupdate1c9aff6e53552e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Norman\Nvc\bin\nhs.exe

O23 - Service: Norman Intrusion Guard (NIG) - Norman AS - C:\Norman\nig\bin\nigsvc32.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\Bin\Njeeves.exe

O23 - Service: Norman ZANDA - Norman AS - C:\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Norman\Ngs\Bin\Nprosec.exe

O23 - Service: Norman Privacy Service (npsvc32) - Norman AS - C:\Norman\Npt\Bin\Npsvc32.exe

O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Norman\Npm\Bin\Nvcsched.exe (file missing)

O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Norman\Npm\Bin\Nvoy.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Norman\Npm\Bin\scheduler.exe

O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe

--

End of file - 10757 bytes

- - - Updated - - -

P.s., Ik zou graag messenger eraf hebben. Na vorige week staat dat er ineens weer op, ook in de opstart. Mijn kids gebruikten dat, maar ik dus niet en ook nooit gedaan. Heb ook geen hotmail

31 mei 2013

Dank Kape voor alle hulp. De PC is nog steeds traag maar wel een stuk sneller. Hoe traag die was, was niet normaal. Je kon gerust tussendoor gaan ontbijten nadat de pc was aangezet. Ik ben nu thuis, dus niet bij mijn pa maar ben met een gerust hart weggegaan. Nogmaals dank voor de hulp, niet in de laatste plaats namens mijn pa.

30 mei 2013

Het heeft even geduurd maar hier is de log van combofix:

ComboFix 13-05-30.02 - Fishy 30-05-2013 21:17:32.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.894.106 [GMT 2:00]

Gestart vanuit: c:\users\Fishy\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Fishy\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif

c:\users\Fishy\AppData\Roaming\Microsoft\Windows\Recent\Fortis Bank - Particulier.url

c:\users\Fishy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tool

c:\windows\Fonts\ARIALNI.TTF

c:\windows\IsUn0413.exe

F:\setup.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-28 to 2013-05-30 ))))))))))))))))))))))))))))))

.

2013-05-30 19:30 . 2013-05-30 19:30 -------- d-----w- c:\users\Fishy\AppData\Local\temp

2013-05-30 19:30 . 2013-05-30 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-30 18:06 . 2013-05-30 18:06 150 ----a-w- c:\windows\DeleteOnReboot.bat

2013-05-28 16:08 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61221479-9C25-4E1B-8FDF-99E3DE458C6E}\mpengine.dll

2013-05-15 19:48 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-15 17:44 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 17:44 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll

2013-05-15 17:43 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys

2013-05-08 01:12 . 2013-05-08 01:12 106088 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

2013-05-02 17:51 . 2013-05-02 17:51 -------- d-----w- c:\users\Fishy\AppData\Roaming\Malwarebytes

2013-05-02 17:51 . 2013-05-02 17:51 -------- d-----w- c:\programdata\Malwarebytes

2013-05-02 17:51 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-02 17:51 . 2013-05-02 17:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-02 17:41 . 2013-05-09 08:59 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-05-02 17:41 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-05-02 17:20 . 2013-05-02 17:20 -------- d-----w- c:\users\Fishy\AppData\Local\Macromedia

2013-05-02 17:10 . 2013-05-15 19:16 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-15 19:16 . 2011-07-20 10:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-09 08:59 . 2011-07-01 11:25 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-05-09 08:59 . 2008-04-08 14:30 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-05-09 08:59 . 2007-07-27 16:06 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-05-09 08:59 . 2007-07-27 16:06 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2013-05-09 08:59 . 2007-07-27 16:05 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-05-09 08:59 . 2008-04-08 14:30 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-05-09 08:58 . 2011-01-18 11:39 41664 ----a-w- c:\windows\avastSS.scr

2013-05-09 08:58 . 2007-07-27 16:05 229648 ----a-w- c:\windows\system32\aswBoot.exe

2013-05-08 10:16 . 2009-08-18 09:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-02 00:06 . 2009-10-03 08:26 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-03-30 10:19 . 2013-03-30 10:19 161792 ----a-w- c:\windows\system32\msls31.dll

2013-03-30 10:19 . 2013-03-30 10:19 86528 ----a-w- c:\windows\system32\iesysprep.dll

2013-03-30 10:19 . 2013-03-30 10:19 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-03-30 10:19 . 2013-03-30 10:19 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-03-30 10:19 . 2013-03-30 10:19 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-03-30 10:19 . 2013-03-30 10:19 63488 ----a-w- c:\windows\system32\tdc.ocx

2013-03-30 10:19 . 2013-03-30 10:19 367104 ----a-w- c:\windows\system32\html.iec

2013-03-30 10:19 . 2013-03-30 10:19 74752 ----a-w- c:\windows\system32\iesetup.dll

2013-03-30 10:19 . 2013-03-30 10:19 23552 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-30 10:19 . 2013-03-30 10:19 152064 ----a-w- c:\windows\system32\wextract.exe

2013-03-30 10:19 . 2013-03-30 10:19 150528 ----a-w- c:\windows\system32\iexpress.exe

2013-03-30 10:19 . 2013-03-30 10:19 35840 ----a-w- c:\windows\system32\imgutil.dll

2013-03-30 10:19 . 2013-03-30 10:19 11776 ----a-w- c:\windows\system32\mshta.exe

2013-03-30 10:19 . 2013-03-30 10:19 101888 ----a-w- c:\windows\system32\admparse.dll

2013-03-30 10:19 . 2013-03-30 10:19 110592 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-03-11 13:25 . 2013-04-12 11:03 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-11 13:25 . 2013-04-12 11:03 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-09 03:45 . 2013-04-12 11:03 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-09 01:28 . 2013-04-12 11:03 64000 ----a-w- c:\windows\system32\smss.exe

2013-03-08 03:53 . 2013-04-12 11:02 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-03-08 03:52 . 2013-04-12 11:02 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-03-03 19:07 . 2013-04-26 16:58 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk

backup=c:\windows\pss\Google Updater.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup

backupExtension=.CommonStartup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2013-05-08 21:20 41056 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]

2013-05-09 08:58 4858968 ----a-w- c:\program files\Alwil Software\Avast5\AvastUI.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 3.1]

2005-09-27 00:18 1073152 ----a-w- c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2011-01-12 11:21 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

2006-09-28 13:42 65536 ----a-w- c:\hp\support\hpsysdrv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

2005-02-02 15:44 61440 ----a-w- c:\hp\KBD\kbd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]

2010-05-07 17:35 165208 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2006-11-09 10:57 3784704 ----a-w- c:\windows\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-05-30 18:58 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-02 19:16]

.

2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-29 14:25]

.

2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-29 14:25]

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop

uSearchURL,(Default) = hxxp://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

FF - ProfilePath - c:\users\Fishy\AppData\Roaming\Mozilla\Firefox\Profiles\5o1jp3nh.default\

FF - prefs.js: browser.startup.homepage - hxxp://google.nl

FF - ExtSQL: !HIDDEN! 2010-12-13 15:15; smartwebprinting@hp.com; c:\program files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - ORPHANS VERWIJDERD - - - -

.

MSConfigStartUp-Badoo Desktop - c:\programdata\Badoo\Badoo Desktop\1.6.30.1025\Badoo.Desktop.exe

MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe

MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

MSConfigStartUp-Google Update - c:\users\Fishy\AppData\Local\Google\Update\GoogleUpdate.exe

MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe

MSConfigStartUp-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL

MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-05-30 21:30

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Voltooingstijd: 2013-05-30 21:35:20

ComboFix-quarantined-files.txt 2013-05-30 19:35

.

Pre-Run: 46.161.477.632 bytes beschikbaar

Post-Run: 46.809.858.048 bytes beschikbaar

.

- - End Of File - - E3488FB8F2A3A005E43EFDAC6DAB106D

30 mei 2013

Nee, niet echt. Het is een drama, mijn pa kan bijna niks meer doen en erger me groen en geel. Alleen klikken of wisselen van venster is enorm traag. Ook opstarten van prg's is hopeloos.

- - - Updated - - -

Ik ga nog eens een keer helemaal opstarten, een koude reboot

30 mei 2013

HIERBIJ DE TWEE LOG FILES:

# AdwCleaner v2.301 - Verslag gemaakt op 30/05/2013 om 20:05:54

# Geactualiseerd op 16/05/2013 door Xplode

# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)

# Gebruiker : Fishy - PC_THUIS

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Fishy\Desktop\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

Gestopt & Verwijdert : MyWebSearchService

***** [Files / Mappen] *****

File Verwijdert : C:\END

File Verwijdert : C:\Program Files\Mozilla FireFox\Components\AskSearch.js

File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

File Verwijdert : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml

File Verwijdert : C:\Users\Fishy\AppData\Roaming\Mozilla\Firefox\Profiles\5o1jp3nh.default\searchplugins\Search_Results.xml

Map Verwijdert : C:\Program Files\Babylon

Map Verwijdert : C:\Program Files\FunWebProducts

Map Verwijdert : C:\Program Files\MacroGaming

Map Verwijdert : C:\Program Files\MyWebSearch

Map Verwijdert : C:\ProgramData\Babylon

Map Verwijdert : C:\ProgramData\boost_interprocess

Map Verwijdert : C:\Users\Fishy\AppData\Local\Babylon

Map Verwijdert : C:\Users\Fishy\AppData\Local\PackageAware

Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\BabylonToolbar

Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\FunWebProducts

Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\Media Access Startup

Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\MyWebSearch

Map Verwijdert : C:\Users\Fishy\AppData\LocalLow\searchresultstb

Map Verwijdert : C:\Users\Fishy\AppData\Roaming\Babylon

Verwijdert bij het opstarten : C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\APN DTX

Sleutel Verwijdert : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Fun Web Products

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\FunWebProducts

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\MyWebSearch

Sleutel Verwijdert : HKCU\Software\DataMngr

Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B939CF93-F2CB-443D-956C-DC523D85C9DB}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B939CF93-F2CB-443D-956C-DC523D85C9DB}

Sleutel Verwijdert : HKCU\Software\MyWebSearch

Sleutel Verwijdert : HKCU\Software\YahooPartnerToolbar

Sleutel Verwijdert : HKLM\Software\Babylon

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}

Sleutel Verwijdert : HKLM\Software\DataMngr

Sleutel Verwijdert : HKLM\Software\FocusInteractive

Sleutel Verwijdert : HKLM\Software\Fun Web Products

Sleutel Verwijdert : HKLM\Software\FunWebProducts

Sleutel Verwijdert : HKLM\Software\ImInstaller

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a9ccac19bcc08a084ebaa69c5a70744c

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar

Sleutel Verwijdert : HKLM\Software\MyWebSearch

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]

Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v21.0 (nl)

File : C:\Users\Fishy\AppData\Roaming\Mozilla\Firefox\Profiles\5o1jp3nh.default\prefs.js

Verwijdert : user_pref("browser.search.defaultenginename", "Search Results");

Verwijdert : user_pref("browser.search.order.1", "Search Results");

Verwijdert : user_pref("browser.search.selectedEngine", "Search Results");

Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Verwijdert : user_pref("extensions.BabylonToolbar.babTrack", "affID=101241");

Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 2);

Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Verwijdert : user_pref("extensions.BabylonToolbar.dfltSrch", true);

Verwijdert : user_pref("extensions.BabylonToolbar.hmpg", true);

Verwijdert : user_pref("extensions.BabylonToolbar.id", "343e7729000000000000001a73087cdb");

Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15282");

Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Verwijdert : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={search[...]

Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 2);

Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1015:32:36");

Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "19.0");

Verwijdert : user_pref("extensions.BabylonToolbar.newTab", true);

Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");

Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 106074983);

Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 1);

Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);

Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Verwijdert : user_pref("extensions.BabylonToolbar.ptch_0717", true);

Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "azb");

Verwijdert : user_pref("extensions.BabylonToolbar.srcExt", "ss");

Verwijdert : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");

Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "base");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1015:32:36");

Verwijdert : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=20&systemid=2&apn_dt[...]

-\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

File : C:\Users\Fishy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [19367 octets] - [30/05/2013 20:05:54]

########## EOF - C:\AdwCleaner[s1].txt - [19428 octets] #########

En de log HJT

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 20:19:27, on 30-5-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16483)

FIREFOX: 21.0 (nl)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Fishy\Downloads\HijackThis.exe

C:\Windows\System32\wsqmcons.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldnl-nl.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--

End of file - 8045 bytes

30 mei 2013

Hallo allen, ik zit hier bij mijn pa van 80 jaren. Hij geniet van de pc maar dat ding is niet te starten. Ik hoop dat jullie hem kunnen helpen.

Hieronder een logje, zojuist gemaakt. Wat kan er allemaal van af ??

Alvast zeer veel dank

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 19:26:31, on 30-5-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16483)

FIREFOX: 21.0 (nl)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Fishy\Downloads\HijackThis.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=71&bd=Pavilion&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Search-Results Toolbar - {15a0413e-9f45-4d45-9a75-2c20b15b5b51} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\BROWSE~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: Search-Results Toolbar - {15a0413e-9f45-4d45-9a75-2c20b15b5b51} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll