Everything posted by Dummy

  1. Log
     Zoek.exe Version 4.0.0.2 Updated 31-03-2013 Tool run by francois on ma 01/04/2013 at 14:47:46,07. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\SvcHost.exe -k BullGuard_Main C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\LEXBCES.EXE C:\Windows\System32\LEXPPS.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program 
Files\Bonjour\mDNSResponder.exe C:\Windows\System32\SvcHost.exe -k BullGuard_Backup C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe C:\Windows\System32\SvcHost.exe -k BullGuard C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\msiexec.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\conime.exe C:\Windows\system32\mspaint.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVMTGBXD\zoek.exe C:\Windows\system32\wbem\wmiprvse.exe ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-992474526-248551049-2733349607-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6945BC5E-7860-4D49-A374-9898876739DD} deleted successfully 
HKEY_USERS\S-1-5-21-992474526-248551049-2733349607-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9B6103C1-F818-48a8-9683-314055BE6075} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.4 - Nederlands Adobe Shockwave Player 11 Apple Application Support Apple Mobile Device Support Apple Software Update Assistant 5.05.013 Belgium e-ID middleware 3.5.1 (build 5075) BitLord v2.0 Bonjour BufferChm BullGuard 9.0 CCleaner Cherry Smart Device Package V1.8 Build 1 D3DX10 Destinations DocProc DYMO ILP219 EaseUS Data Recovery Wizard Free Edition 5.5.1 FUJIFILM FinePixViewer S Ver.2.1 Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Product Detection HP Scanjet G3110 HP Solution Center 13.0 HP Update hpg3110 HPPhotosmartEssential HPProductAssistant IncrediMail IncrediMail 2.0 iTunes Java 7 Update 17 Java Auto Updater Junk Mail filter update Kruidvat fotoservice LibreOffice 3.6 LightScribe 1.4.124.1 Logitech High Quality Video Logitech QuickCam-stuurprogrammapakket Logitech Updater Logitech Vid HD Logitech Webcam Software MakeDisc MediaShow 3.0 Medion GoPal Assistant 4.03.006 Microcular Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Application Error Reporting Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Visual C++ 2008 Redistributable - 
x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft_VC100_CRT_SP1_x86 MobileMe Control Panel MP3 Skype Recorder MSVC80_x86_v2 MSVC90_x86 MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 7 Essentials Nokia Connectivity Cable Driver Nokia PC Suite NVIDIA Drivers OCR Software by I.R.I.S. 13.0 OGA Notifier 2.0.0048.0 OpenOffice.org 3.4.1 Paint.NET v3.5.10 PC Connectivity Solution PhotoMail Maker PhotoNow 1.0 Platform PowerCinema Linux 5.0 QuickTime Scan ScanSoft OmniPage SE 4 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Segoe UI Shockwave Director 11.0.3 Skype Click to Call SkypeT 6.1 SolutionCenter SoulSeek 157 test 5 SoulSeek Client 156b Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Total Video Converter 3.61 100319 Ulead PhotoImpact 12 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VIA Platform apparaatbeheer WebReg Windows-stuurprogrammapakket - Hewlett-Packard Image (05/15/2008 11.5.0.116) Windows-stuurprogrammapakket - Nokia pccsmcfd "LegacyDriver" (05/31/2012 7.1.2.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources X10 Hardware Youtube Music Downloader V3.7.9 YTD Toolbar v6.6 ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ::1 localhost ==== FireFox Fix ====================== Deleted from C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\prefs.js: user_pref("browser.search.defaultenginename", "Yahoo"); user_pref("browser.search.selectedEngine", "Yahoo"); user_pref("keyword.URL", "Yahoo! Search - Web Search="); Added to C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: Added to C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from 
C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\prefs.js: Added to C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\prefs.js: Added to C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups user.js not found ---- Lines crossrider removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20130104_1454_.backup ProfilePath: C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- Lines crossrider removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20130104_1454_.backup ProfilePath: C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\Mail user.js not found ---- Lines crossrider 
removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20130104_1454_.backup ProfilePath: C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins user.js not found ---- Lines crossrider removed from prefs.js ---- ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20130104_1454_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Public\Desktop\YTD Video Downloader.lnk" deleted "C:\Program Files\Uninstall Information\ib_uninst_0" deleted "C:\Program Files\Uninstall Information\ib_uninst_349" deleted "C:\Program Files\Uninstall Information\ib_uninst_527" deleted "C:\Program Files\RegClean Pro" deleted "C:\Program Files\YTD Toolbar" deleted "C:\Users\francois\AppData\Roaming\Systweak" deleted "C:\Users\francois\AppData\Local\CRE" deleted "C:\Users\francois\AppData\LocalLow\DataMngr" deleted "C:\Users\francois\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\crossriderapp5060@crossrider.com" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-03-31 11:48:26 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-03-31 11:48:26 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-03-31 11:48:26 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-03-31 11:48:26 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-03-31 11:48:26 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe ====== C:\Users\francois\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-04-01 07:13:24 40C7CD881EDE88755EAC1DA1F434C317 544 ----a-w- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD ====== C:\Windows\system32\drivers ===== 2013-03-20 20:00:44 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys ====== C:\Windows\Tasks ====== ====== 
C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-03-03 23:47:54 -------- d-----w- C:\Program Files\Common Files\Skype ======= C: ===== 2013-03-30 12:06:33 EEAC0518CF0D90F0294E1FBEC99655EA 16174 ----a-w- C:\AdwCleaner[s2].txt 2013-03-30 11:00:44 71C21617893FCBCF4BF3D31E22B38B81 17383 ----a-w- C:\AdwCleaner[R1].txt 2013-03-30 10:47:22 504743D96774AFCE749D0C8B41DF7A42 384 ----a-w- C:\AdwCleaner[s1].txt ====== C:\Users\francois\AppData\Roaming ====== 2013-03-31 12:33:21 -------- d-----w- C:\users\Public\AppData\Local\temp 2013-03-31 12:33:20 -------- d-----w- C:\users\francois\AppData\Local\temp 2013-03-31 12:33:20 -------- d-----w- C:\users\Default\AppData\Local\temp 2013-03-31 12:33:20 -------- d-----w- C:\users\Default User\AppData\Local\temp ====== C:\Users\francois ====== 2013-03-31 12:33:21 -------- d-----w- C:\Users\Public\AppData ====== C: exe-files == 2013-03-31 11:48:26 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-03-31 11:48:26 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-03-31 11:48:26 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-03-31 11:48:26 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-03-31 11:48:26 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-03-30 10:58:37 EC4961D7E0F6ACEF4E8446E062048D88 609993 ----a-w- C:\Users\francois\Downloads\adwcleaner (3).exe 2013-03-30 10:57:03 EC4961D7E0F6ACEF4E8446E062048D88 609993 ----a-w- C:\Users\francois\Downloads\adwcleaner (2).exe 2013-03-30 10:53:59 EC4961D7E0F6ACEF4E8446E062048D88 609993 ----a-w- C:\Users\francois\Downloads\adwcleaner (1).exe 2013-03-30 10:46:10 EC4961D7E0F6ACEF4E8446E062048D88 609993 ----a-w- C:\Users\francois\Downloads\adwcleaner.exe 2013-03-29 12:55:43 4BD5431F5F1E1252A817D340B145D29B 312672 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe 2013-03-25 20:54:36 D13879F9A51F6F8C6AC33A5B86694E9F 24449680 ----a-w- C:\Program 
Files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.0.3.8542.exe === C: other files == 2013-04-01 07:11:04 38892FADF852D74476E4C32F77A49693 96 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-992474526-248551049-2733349607-1000\Software\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c" "Logitech Vid"="C:\Program Files\Logitech\Vid HD\Vid.exe -bootmode" "MP3 Skype Recorder"="C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" "InstantOn"="C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe /c " "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" "NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup" "LogitechQuickCamRibbon"="C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "BullGuard"="c:\program files\bullguard ltd\bullguard\BullGuard.exe -boot" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" "Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="C:\Program 
Files\IncrediMail\bin\IncMail.exe /c" "Logitech Vid"="C:\Program Files\Logitech\Vid HD\Vid.exe -bootmode" "MP3 Skype Recorder"="C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\@C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/04/2012 13:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/04/2012 13:33] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-992474526-248551049-2733349607-1000Core.job --a------ C:\Users\francois\AppData\Local\Google\Update\GoogleUpdate.exe [29/05/2012 18:34] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-992474526-248551049-2733349607-1000UA.job --a------ C:\Users\francois\AppData\Local\Google\Update\GoogleUpdate.exe [29/05/2012 18:34] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - DealPly - %AppDir%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} ==== Firefox Plugins ====================== ==== Deleting Files \ Folders ====================== "C:\Program Files\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}" deleted ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="http://www.telenet.be" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {C8104039-BA75-4514-9D27-86BA9CEAD80C} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}" {F5CF7204-EB01-4AD7-9CBB-63F8A8FE4C35} Yahoo//uk.search.yahoo.com/search?p={searchTerms}&fr=FP-tab-web-t340&ei=UTF-8&meta=vc%3D" ==== Reset Google Chrome ====================== C:\users\francois\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\francois\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setOGL 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\System32\msiexec.exe /x {468D22C0-8080-11E2-B86E-B8AC6F98CCE3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe ==== HijackThis Entries ====================== R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [instantOn] "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe /c " O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [bullGuard] "c:\program 
files\bullguard ltd\bullguard\BullGuard.exe" -boot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O11 - Options 
group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll
O20 - AppInit_DLLs: C:\Windows\System32\BgGamingMonitor.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

==== Silent Runners ======================

"Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat!
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
IncrediMail = C:\Program Files\IncrediMail\bin\IncMail.exe /c [IncrediMail, Ltd.]
Logitech Vid = "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode [Logitech Inc.]
MP3 Skype Recorder = C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [null data]
Skype = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [Skype Technologies S.A.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
toolbar_eula_launcher = C:\Program Files\GoogleEULA\EULALauncher.exe [null data]
InstantOn = "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe /c " [null data]
Windows Mobile-based device management = C:\Windows\WindowsMobile\wmdSync.exe
OpwareSE4 = "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [Nuance Communications, Inc.]
NvSvc = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart [MS]
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [MS]
beid = "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup [Belgian Government]
LogitechQuickCamRibbon = "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [Logitech Inc.]
AppleSyncNotifier = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [Apple Inc.]
BullGuard = "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot [BullGuard Ltd.]
HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [Hewlett-Packard]
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [MS]
Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.]
BullGuardUpdate2 = c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [BullGuard Ltd.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub
  -> {HKLM.CLSID} = Adobe PDF Link Helper
  \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM.CLSID} = Java Plug-In SSV Helper
  \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation]
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
  -> {HKLM.CLSID} = Windows Live ID Sign-in Helper
  \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
  -> {HKLM.CLSID} = Google Toolbar Helper
  \InProcServer32\(Default) = c:\program files\google\googletoolbar1.dll [Google Inc.]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO
  -> {HKLM.CLSID} = Skype Browser Helper
  \InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Technologies S.A.]
{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
  -> {HKLM.CLSID} = Java Plug-In 2 SSV Helper
  \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class
  -> {HKLM.CLSID} = DesktopContext Class
  \InProcServer32\(Default) = C:\Windows\system32\nvcpl.dll [NVIDIA Corporation]
{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper
  -> {HKLM.CLSID} = NVIDIA CPL Extension
  \InProcServer32\(Default) = C:\Windows\system32\nvcpl.dll [NVIDIA Corporation]
{9458E603-FF43-4134-9036-04B4C71791E3} = BullGuard Backup
  -> {HKLM.CLSID} = BackupCopyHook Class
  \InProcServer32\(Default) = C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [BullGuard Ltd.]
{1F25C6E4-E60D-421A-863F-D0C76F6AB211} = BullGuard Backup
  -> {HKLM.CLSID} = BullGuard Online Drive
  \InProcServer32\(Default) = C:\Program Files\BullGuard Ltd\BullGuard\BackupShellNamespace.dll [BullGuard Ltd.]
{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} = Nokia Phone Browser
  -> {HKLM.CLSID} = Nokia Phone Browser
  \InProcServer32\(Default) = C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia]
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice.org Infotip Handler
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]
{3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice.org Thumbnail Viewer
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]
{63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice.org Property Sheet Handler
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]
{AE424E85-F6DF-4910-A6A9-438797986431} = OpenOffice.org Property Handler
  -> {HKLM.CLSID} = OpenOffice.org Property Handler
  \InProcServer32\(Default) = C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll [Apache Software Foundation]
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice.org Column Handler
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes
  -> {HKLM.CLSID} = iTunes
  \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
<<!>> AppInit_DLLs = C:\Windows\System32\BgGamingMonitor.dll c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll [BullGuard Ltd.]

HKCU\Software\Classes\PROTOCOLS\Handler\
<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
  -> {HKCU.CLSID} = IEProtocolHandler Class
  \InProcServer32\(Default) = C:\Program Files\MP3 Skype Recorder\Skype4COM.dll [Skype Technologies]
<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
  -> {HKLM.CLSID} = IEProtocolHandler Class
  \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [Skype Technologies]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\
<<!>> livecall\CLSID = {828030A1-22C1-4009-854F-8E305202313F}
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\Windows Live\Messenger\msgrapp.dll [MS]
<<!>> ms-itss\CLSID = {0A9007C0-4076-11D3-8789-0000F8105754}
  -> {HKLM.CLSID} = Microsoft Infotech Storage Protocol for IE 4.0
  \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [MS]
<<!>> msnim\CLSID = {828030A1-22C1-4009-854F-8E305202313F}
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\Windows Live\Messenger\msgrapp.dll [MS]
<<!>> skype-ie-addon-data\CLSID = {91774881-D725-4E58-B298-07617B9B86A8}
  -> {HKLM.CLSID} = Skype IE add-on Pluggable Protocol
  \InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Technologies S.A.]
<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
  -> {HKCU.CLSID} = IEProtocolHandler Class
  \InProcServer32\(Default) = C:\Program Files\MP3 Skype Recorder\Skype4COM.dll [Skype Technologies]
<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
  -> {HKLM.CLSID} = IEProtocolHandler Class
  \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [Skype Technologies]
<<!>> wlmailhtml\CLSID = {03C514A3-1EFB-4856-9F99-10D7BE1653C0}
  -> {HKLM.CLSID} = Windows Live Mail HTML Asynchronous Pluggable Protocol Handler
  \InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided)
  -> {HKLM.CLSID} = NBShellHook Class
  \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]
{F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E}\(Default) = (no title provided)
  -> {HKLM.CLSID} = BgShellExt Class
  \InProcServer32\(Default) = C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [BullGuard Ltd.]

HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\
NBShellHook\(Default) = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
  -> {HKLM.CLSID} = NBShellHook Class
  \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\
BackupCopyHook\(Default) = {9458E603-FF43-4134-9036-04B4C71791E3}
  -> {HKLM.CLSID} = BackupCopyHook Class
  \InProcServer32\(Default) = C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [BullGuard Ltd.]
Nokia\(Default) = {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
  -> {HKLM.CLSID} = Nokia Phone Browser
  \InProcServer32\(Default) = C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\
NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439}
  -> {HKLM.CLSID} = DesktopContext Class
  \InProcServer32\(Default) = C:\Windows\system32\nvcpl.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice.org Column Handler
  -> {HKLM.CLSID} = (no title provided)
  \InProcServer32\(Default) = C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
  -> {HKLM.CLSID} = PDF Shell Extension
  \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
bgshellext\(Default) = {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E}
  -> {HKLM.CLSID} = BgShellExt Class
  \InProcServer32\(Default) = C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [BullGuard Ltd.]
{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided)
  -> {HKLM.CLSID} = NBShellHook Class
  \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\
NBShellHook\(Default) = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
  -> {HKLM.CLSID} = NBShellHook Class
  \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\
EnableLUA = (REG_DWORD) dword:0x00000000
  {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Run All Administrators In Admin Approval Mode}
DisableRegistryTools = (REG_DWORD) dword:0x00000000 {unrecognized setting}

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
Wallpaper = C:\Windows\Web\Wallpaper\img36.jpg

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Windows\Web\Wallpaper\img36.jpg

Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
SCRNSAVE.EXE = C:\Windows\system32\Bubbles.scr [MS]

Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

HPAutoplayPSE\
Provider = HP Photosmart Essential 3.5
InvokeProgID = HpqPSApl.Autoplay
InvokeVerb = Play
HKLM\SOFTWARE\Classes\HpqPSApl.Autoplay\shell\Play\DropTarget\CLSID = {A6873065-D632-4615-A3A9-C5F05EE109C1}
  -> {HKLM.CLSID} = (no title provided)
  \LocalServer32\(Default) = C:\Program Files\HP\Digital Imaging\bin\HpqPsApl.exe [Hewlett-Packard]

iTunesBurnCDOnArrival\
Provider = iTunes
InvokeProgID = iTunes.BurnCD
InvokeVerb = burn
HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.]

iTunesImportSongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.ImportSongsOnCD
InvokeVerb = import
HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.]

iTunesPlaySongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.PlaySongsOnCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.]

iTunesShowSongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.ShowSongsOnCD
InvokeVerb = showsongs
HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.]

NeroAutoPlay7AudioToNeroDigital\
Provider = Nero Burning ROM Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = AudioToNeroDigital_PlayCDAudioOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L [Nero AG]

NeroAutoPlay7CDAudio\
Provider = Nero Express Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = CDAudio_HandleCDBurningOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:AudioCD [Nero AG]

NeroAutoPlay7CopyCD\
Provider = Nero Burning ROM Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = CopyCD_PlayMusicFilesOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:DiscCopy %L [Nero AG]

NeroAutoPlay7DataDisc\
Provider = Nero Express Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = DataDisc_HandleCDBurningOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:ISODisc [Nero AG]

NeroAutoPlay7LaunchNeroStartSmart\
Provider = Nero StartSmart Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG]

NeroAutoPlay7PlayAudioCD\
Provider = Nero ShowTime Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = PlayAudioCD_PlayMusicFilesOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L [Nero AG]

NeroAutoPlay7PlayDVD\
Provider = Nero ShowTime Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = PlayDVD_PlayVideoFilesOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L [Nero AG]

NeroAutoPlay7RipCD\
Provider = Nero Burning ROM Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = RipCD_PlayCDAudioOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L [Nero AG]

NeroAutoPlay7TranscodeVideo\
Provider = Nero Recode Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = TranscodeVideo_PlayDVDMovieOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero Recode\Recode.exe /New:CopyDVDVideo [Nero AG]

NeroAutoPlay7VideoCapture\
Provider = Nero Vision Essentials
ProgID = Shell.HWEventHandlerShellExecute
InitCmdLine = "C:\Program Files\Nero\Nero 7\Nero Vision\NeroVision.exe" /New:VideoCapture
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
  -> {HKLM.CLSID} = Shell Execute Hardware Event Handler
  \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS]

NeroAutoPlay7ViewPhotos\
Provider = Nero PhotoSnap Viewer Essentials
InvokeProgID = Nero.AutoPlay7
InvokeVerb = ViewPhotos_ShowPicturesOnArrival
HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero PhotoSnap\PhotoSnapViewer.exe / [Nero AG]

TVPPlayDVDMovieOnArrival\
Provider = Total Video Player
InvokeProgID = totalplayer.dvd
InvokeVerb = open
HKLM\SOFTWARE\Classes\totalplayer.dvd\shell\open\command\(Default) = C:\Program Files\Total Video Converter\tvp.exe -dvd %1 [empty string]

WIA_{4DD10255-97A3-4B04-9D9E-D6B39980EBF8}\
Provider = Ulead PhotoImpact 12
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;"C:\Program Files\Ulead Systems\Ulead PhotoImpact 12\iedit.exe" /W;
  -> {HKLM.CLSID} = WPDShextAutoplay
  \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{72D327BF-A6E2-4D6F-853E-B5DA345C76AA}\
Provider = HP Photosmart Essential 3.5
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files\HP\Digital Imaging\bin\HpqPsApl.exe;
  -> {HKLM.CLSID} = WPDShextAutoplay
  \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{AF2B178F-085C-4E1E-A8ED-6D6236D2408B}\
Provider = PhotoImpact 12
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files\Ulead Systems\Ulead PhotoImpact 12\Iedit_.exe /StiDevice:%1 /StiEvent:%2;
  -> {HKLM.CLSID} = WPDShextAutoplay
  \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{B6927D7D-C265-404F-83EA-6E36EAC96626}\
Provider = PhotoImpact 12
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files\Ulead Systems\Ulead PhotoImpact 12\Iedit.Exe /StiDevice:%1 /StiEvent:%2;
  -> {HKLM.CLSID} = WPDShextAutoplay
  \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{D695D376-E623-477B-83FF-42AFEE6AA593}\
Provider = OmniPage SE 4
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files\ScanSoft\OmniPageSE4\omnipage.exe /StiDevice:%1 /StiEvent:%2;
  -> {HKLM.CLSID} = WPDShextAutoplay
  \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

Windows Sidebar Gadgets: {++}
------------------------

C:\Users\francois\AppData\Local\Microsoft\Windows Sidebar\Settings.ini
"C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CCPU.Gadget"

Non-disabled Scheduled Tasks: {++}
-----------------------------

C:\Windows\System32\Tasks
Adobe Flash Player Updater -> launches: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]
CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd]
CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS]
GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.]
GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]
GoogleUpdateTaskUserS-1-5-21-992474526-248551049-2733349607-1000Core -> launches: C:\Users\francois\AppData\Local\Google\Update\GoogleUpdate.exe /c [Google Inc.]
GoogleUpdateTaskUserS-1-5-21-992474526-248551049-2733349607-1000UA -> launches: C:\Users\francois\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]
User_Feed_Synchronization-{52016BC6-1CD0-4618-A682-240D98DD3EAC} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS]
{038A256B-DE02-458B-8C87-9E4F7621807C} -> launches: C:\Windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\ [MS]
{0FCAC9BA-CE71-40A1-8CEE-AF20EADEB580} -> launches: C:\Program Files\Skype\Phone\Skype.exe [Skype Technologies S.A.]
{1B0C6B7C-8DEF-4184-A278-C4E7308902CE} -> launches: C:\Windows\system32\pcalua.exe -a E:\Setup\English\demo32.exe -d E:\Setup\English [MS]
{297EF8D0-F8A0-4FFC-BB31-30C657465201} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\francois\Desktop\OOo_3.2.1_Win_x86_install-wJRE_nl.exe -d C:\Users\francois\Desktop [MS]
{3494A759-D0F9-450D-A5FF-11C64900D47F} -> launches: C:\Windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\ [MS]
{3525F545-8AAC-4F0E-AB9C-785A5F0332EE} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\francois\Desktop\OpenOffice.org 2.4 (nl) Installation Files\instmsia.exe" -d "C:\Users\francois\Desktop\OpenOffice.org 2.4 (nl) Installation Files" [MS]
{3A3DD8F8-F870-45E3-8410-D543FD9CC7D4} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\francois\Desktop\OpenOffice.org 2.4 (nl) Installation Files\instmsiw.exe" -d "C:\Users\francois\Desktop\OpenOffice.org 2.4 (nl) Installation Files" [MS]
{3B34B355-84E3-405E-9D30-F2E8C53FAA34} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NYAC5R8\setup_basic_G3110_3.exe" -d C:\Users\francois\Desktop [MS]
{48898A06-0BD5-44F8-B8D0-5F6E4CDF83C1} -> launches: C:\Windows\system32\pcalua.exe -a E:\Nederlands\ar500nld.exe -d E:\Nederlands [MS]
{5430CC89-60AD-42E6-B909-096E7E34FD7E} -> launches: C:\Windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\ -c /AUTORUN [MS]
{55602F1F-9B9A-40F8-AA9B-472C6A7BBDAE} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Program Files\BrowserCompanion\uninstall.exe" [MS]
{60450085-23EC-42EB-9515-BEE5D7BB5873} -> launches: "C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype [MS]
{771086A4-68A1-4682-9B99-9F5339EA2E8B} -> launches: C:\Windows\system32\pcalua.exe -a E:\PC-Okular_Driver\Setup.exe -d E:\PC-Okular_Driver [MS]
{816BB3C0-EC31-4F8F-A5E4-2CD17B299F06} -> launches: "C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype [MS]
{9588F8D1-2DF9-44F5-88DA-7A8B51D2F6AD} -> launches: "C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype [MS]
{968BADB1-9D31-41D6-83D9-5CBFFE170FC5} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\francois\Downloads\setup.exe -d C:\Users\francois\Downloads [MS]
{AA535FDE-6D70-4298-BAF4-836A505DA1E6} -> launches: C:\Windows\system32\pcalua.exe -a E:\_ISDEL.EXE -d E:\ [MS]
{BD7572A9-3013-495F-832E-89DDE22E5240} -> launches: C:\Windows\system32\pcalua.exe -a "c:\Users\francois\Downloads\open office.exe" [MS]
{BEB5C13E-76D1-4392-B93C-141CAF384E97} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Program Files\Belgium Identity Card\beidoutlooksnc.exe" -d "C:\Program Files\Belgium Identity Card\" [MS]
{C8856147-FF06-4BA0-A3EA-FDC96BA16922} -> launches: C:\Windows\system32\pcalua.exe -a E:\NL\MSWorks\instmsia.exe -d E:\NL\MSWorks [MS]
{C8F79C96-3467-4D5B-921C-D9398D5AB82F} -> launches: "C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype [MS]
{D31F66BA-3A78-4030-9DB2-83F551302D5D} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\francois\Desktop\OOo_3.0.0_Win32Intel_install_wJRE_nl.exe -d C:\Users\francois\Desktop [MS]
{DE6A1B01-868A-497B-B30F-C26591B222E6} -> launches: C:\Windows\system32\pcalua.exe -a E:\Nederlands\Install.exe -d E:\Nederlands [MS]
{DFCEBC01-F83F-49DF-8395-1DCEB760657F} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1XZ6BIY\slsk156b[1].exe" -d C:\Users\francois [MS]
{F03D4E2A-0016-4F0C-AC93-60549F9BC21D} -> launches: "C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype [MS]
{F2E11E0C-4F96-49BF-8C2F-9110519DBC9D} -> launches: C:\Program Files\Skype\Phone\Skype.exe [Skype Technologies S.A.]

C:\Windows\System32\Tasks\Apple
AppleSoftwareUpdate -> launches: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}
  -> {HKLM.CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
  \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM.CLSID} = Certificate Services Client Task Handler
  \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM.CLSID} = Certificate Services Client Task Handler
  \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask-Roam -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM.CLSID} = Certificate Services Client Task Handler
  \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS]
OptinNotification -> launches: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
ManualDefrag -> launches: %windir%\system32\defrag.exe -c [MS]
ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -i -g [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]
mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) -gc [MS]
OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]
OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [MS]
UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
  -> {HKLM.CLSID} = HotStart User Agent
  \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]
TMM -> launches: {35EF4182-F900-4632-B072-8639E4478A61}
  -> {HKLM.CLSID} = Transient Multi-Monitor Manager
  \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
LPRemove -> launches: %windir%\system32\lpremove.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}
  -> {HKLM.CLSID} = Microsoft PlaySoundService Class
  \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection
NAPStatus UI -> launches: {f09878a1-4652-4292-aa63-8c7d4fd7648f}
  -> {HKLM.CLSID} = Nap ITask Handler Implementation
  \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
RACAgent -> (HIDDEN!) launches: %windir%\system32\RacAgent.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Shell
CrawlStartPages -> launches: {51653423-e62d-4ff7-894a-dabb2b8e21e2}
  -> {HKLM.CLSID} = CrawlStartPages Task Handler
  \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}
  -> {HKLM.CLSID} = GadgetsManager Class
  \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
IpAddressConflict1 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]
IpAddressConflict2 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]
WSHReset -> (HIDDEN!) launches: %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}
  -> {HKLM.CLSID} = MsCtfMonitor task handler
  \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}
  -> {HKLM.CLSID} = DiagnosticInfrastructureCustomHandler
  \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
AutomaticBackup -> launches: %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup [MS]
CheckFull -> launches: sdclt.exe /CHECKFULL [MS]
Windows Backup Monitor -> launches: sdclt.exe /DETECTFAILURE [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsCalendar
Reminders - francois -> launches: C:\Program Files\Windows Calendar\WinCal.exe /reminder [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wired
GatherWiredInfo -> launches: %windir%\system32\gatherWiredInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Wireless
GatherWirelessInfo -> launches: %windir%\system32\gatherWirelessInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows Defender
MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges [MS]
MP Scheduled Signature Update -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe SignatureUpdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE
Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1}
  -> {HKLM.CLSID} = Windows Live Social Object Extractor Engine Definition Updater
  \InProcServer32\(Default) = C:\Program Files\Windows Live\SOXE\wlsoxe.dll [MS]

C:\Windows\System32\Tasks\WPD
SqmUpload_S-1-5-21-992474526-248551049-2733349607-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS]

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000007\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\Windows\system32\BGLsp.dll [BullGuard Ltd.], 01 - 10, 21
%SystemRoot%\system32\mswsock.dll [MS], 11 - 20, 22 - 39

Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
  -> {HKLM.CLSID} = &Google
  \InProcServer32\(Default) = c:\program files\google\googletoolbar1.dll [Google Inc.]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided)
  -> {HKLM.CLSID} = &Google
  \InProcServer32\(Default) = c:\program files\google\googletoolbar1.dll [Google Inc.]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{27FD17FB-CF63-486B-B2BE-8D8781CBEA01}\
ButtonText = BullGuard
CLSIDExtension = {27FD17FB-CF63-486b-B2BE-8D8781CBEA01}
  -> {HKLM.CLSID} = BGIEToolbarButton Class
  \InProcServer32\(Default) = C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll [BullGuard Ltd.]
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ ButtonText = Skype Click to Call CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -> {HKLM.CLSID} = Skype Browser Helper \InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Apple Mobile Device, Apple Mobile Device, "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] BullGuard backup service, BsBackup, C:\Windows\System32\SvcHost.exe -k BullGuard_Backup {C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [bullGuard Ltd.]} BullGuard behavioural detection service, BsBhvScan, C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [bullGuard Ltd.] BullGuard e-mail monitoring service, BsMailProxy, C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy {c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [bullGuard Ltd.]} BullGuard firewall service, BsFire, C:\Windows\System32\SvcHost.exe -k BullGuard {c:\program files\bullguard ltd\bullguard\BsFire.dll [bullGuard Ltd.]} BullGuard main service, BsMain, C:\Windows\System32\SvcHost.exe -k BullGuard_Main {C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [bullGuard Ltd.]} BullGuard on-access service, BsFileScan, C:\Windows\System32\SvcHost.exe -k BullGuard {c:\program files\bullguard ltd\bullguard\BsFileScan.dll [bullGuard Ltd.]} BullGuard scanning service, BsScanner, C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [bullGuard Ltd.] BullGuard update service, BsUpdate, C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [bullGuard Ltd.] iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] 
LexBce Server, LexBceS, C:\Windows\System32\LEXBCES.EXE [Lexmark International, Inc.] LightScribeService Direct Disc Labeling Service, LightScribeService, "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" [Hewlett-Packard Company] Op Windows Mobile gebaseerde apparaatverbinding, RapiMgr, C:\Windows\system32\svchost.exe -k WindowsMobile {C:\Windows\WindowsMobile\rapimgr.dll [MS]} Pml Driver HPZ12, Pml Driver HPZ12, C:\Windows\System32\svchost.exe -k HPZ12 {C:\Windows\system32\HPZipm12.dll [Hewlett-Packard]} Process Monitor, LVPrcSrv, "C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe" [Logitech Inc.] Skype C2C Service, Skype C2C Service, "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" [skype Technologies S.A.] UMVPFSrv, UMVPFSrv, C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [Logitech Inc.] Windows Installer, msiserver, C:\Windows\system32\msiexec.exe /V [MS] Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] X10 Device Network Service, x10nets, C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [X10] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <<!>> BsMain, Service <<!>> BsScanner, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <<!>> BsMain, Service <<!>> BsScanner, Service <<!>> BsUpdate, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ Canon BJ Language Monitor MP140 series\Driver = CNMLM8R.DLL [CANON INC.] Lexmark Network Port\Driver = LEXLMPM.DLL [Lexmark International, Inc.] 
PCL hpz3llhn\Driver = hpz3llhn.dll [Hewlett-Packard Company] ==== Empty IE Cache ====================== C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\479L409T will be deleted at reboot C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVMTGBXD will be deleted at reboot C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\francois\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\francois\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\479L409T" not found 
"C:\Users\francois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YVMTGBXD" not found
  2. Kape, The applications that work with Adobe Reader no longer work. To reinstall them it asks me to close Inc Mail, but that is not open. Can you help with this once again? Dummy
  3. Kape, Still the SPAM when opening GOOGLE. Do you know whether it is possible to contact IncrediMail to get this spam stopped? Surely I can't be the only one with this problem. I like using this mail program and would find it a pity to remove it. Regards, Dummy
  4. Thanks, I'll let you know more tomorrow
  5. Log
     ComboFix 13-03-31.01 - francois 31/03/2013 13:53:10.1.2 - x86
     Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1022.132 [GMT 2:00]
     Gestart vanuit: c:\users\francois\Downloads\ComboFix.exe
     AV: BullGuard Antivirus *Disabled/Outdated* {C3CCAC61-52F7-A056-1860-6406566E2578}
     FW: BullGuard Firewall *Disabled* {FBF72D44-1898-A10E-333F-CD33A8BD6203}
     SP: BullGuard Antispyware *Disabled/Outdated* {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     .
     (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     c:\program files\StartNow Toolbar
     c:\program files\StartNow Toolbar\Resources\images\engine_images.png
     c:\program files\StartNow Toolbar\Resources\images\engine_maps.png
     c:\program files\StartNow Toolbar\Resources\images\engine_news.png
     c:\program files\StartNow Toolbar\Resources\images\engine_videos.png
     c:\program files\StartNow Toolbar\Resources\images\engine_web.png
     c:\program files\StartNow Toolbar\Resources\images\icon_amazon.png
     c:\program files\StartNow Toolbar\Resources\images\icon_ebay.png
     c:\program files\StartNow Toolbar\Resources\images\icon_facebook.png
     c:\program files\StartNow Toolbar\Resources\images\icon_games.png
     c:\program files\StartNow Toolbar\Resources\images\icon_msn.png
     c:\program files\StartNow Toolbar\Resources\images\icon_shopping.png
     c:\program files\StartNow Toolbar\Resources\images\icon_travel.png
     c:\program files\StartNow Toolbar\Resources\images\icon_twitter.png
     c:\program files\StartNow Toolbar\Resources\images\startnow_logo.png
     c:\program files\StartNow Toolbar\Resources\installer.xml
     c:\program files\StartNow Toolbar\Resources\skin\chevron_button.png
     c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
     c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
     c:\program files\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
     c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_background.png
     c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_left.png
     c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
     c:\program files\StartNow Toolbar\Resources\skin\separator.png
     c:\program files\StartNow Toolbar\Resources\skin\splitter.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
     c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
     c:\program files\StartNow Toolbar\Resources\toolbar.xml
     c:\program files\StartNow Toolbar\Resources\update.xml
     c:\program files\StartNow Toolbar\uninstall.dat
     c:\windows\_detmp.2
     c:\windows\animbigN.bmp
     c:\windows\animsmalN.bmp
     c:\windows\IsUn0413.exe
     c:\windows\system32\rnaph.dll
     c:\windows\system32\SETE55C.tmp
     c:\windows\system32\spool\prtprocs\w32x86\1_CNMPD8R.DLL
     c:\windows\TEMP\logishrd\LVPrcInj01.dll
     c:\windows\unin0413.exe
     D:\setup.exe
     .
     Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd
     Hersteld exemplaar van - c:\combofix\HarddiskVolumeShadowCopy9_!Windows!System32!userinit.exe
     .
     .
     (((((((((((((((((((( Bestanden Gemaakt van 2013-02-28 to 2013-03-31 ))))))))))))))))))))))))))))))
     .
     .
     2013-03-29 09:12 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC366E34-B6E9-46E1-A9FC-C7DBB6C5532B}\mpengine.dll
     2013-03-20 20:00 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
     2013-03-10 16:07 . 2013-03-10 16:07 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
     2013-03-03 23:47 . 2013-03-03 23:47 -------- d-----w- c:\program files\Common Files\Skype
     .
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2013-03-23 09:37 . 2012-05-14 14:27 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
     2013-03-23 09:37 . 2011-07-09 06:51 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
     2013-03-21 17:06 . 2010-02-17 13:33 54624 ----a-w- c:\windows\system32\BGLsp.dll
     2013-03-21 17:06 . 2010-01-11 09:30 108968 ----a-w- c:\windows\system32\BgGamingMonitor.dll
     2013-03-21 17:06 . 2009-12-04 09:59 64624 ----a-w- c:\windows\system32\drivers\BdSpy.sys
     2013-03-10 16:06 . 2012-06-14 14:22 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
     2013-03-10 16:06 . 2010-08-08 12:21 782240 ----a-w- c:\windows\system32\deployJava1.dll
     2013-03-02 07:12 . 2009-12-04 10:00 33888 ----a-r- c:\windows\system32\drivers\afw.sys
     2013-03-02 07:12 . 2012-02-29 16:19 343456 ----a-w- c:\windows\system32\drivers\Trufos.sys
     2013-03-02 07:12 . 2009-12-04 10:00 337504 ----a-r- c:\windows\system32\drivers\afwcore.sys
     2013-01-17 00:28 . 2009-10-03 08:15 232336 ------w- c:\windows\system32\MpSigStub.exe
     2013-01-05 05:26 . 2013-02-13 07:20 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
     2013-01-05 05:26 . 2013-02-13 07:20 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
     2013-01-04 11:28 . 2013-02-13 07:20 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
     2013-01-04 01:38 . 2013-02-13 07:20 2048512 ----a-w- c:\windows\system32\win32k.sys
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
     REGEDIT4
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-07-26 353736]
     "Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-06-02 6123032]
     "MP3 Skype Recorder"="c:\program files\MP3 Skype Recorder\MP3 Skype Recorder.exe" [2011-11-17 1975296]
     "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
     "InstantOn"="c:\program files\CyberLink\PowerCinema Linux\ion_install.exe" [2007-02-13 94212]
     "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
     "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
     "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]
     "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]
     "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]
     "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
     "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]
     "BullGuard"="c:\program files\bullguard ltd\bullguard\BullGuard.exe" [2013-03-21 837984]
     "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
     "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]
     "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
     "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
     "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" [2013-03-21 1879904]
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
     "EnableLUA"= 0 (0x0)
     "EnableUIADesktopToggle"= 0 (0x0)
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
     "LoadAppInit_DLLs"=1 (0x1)
     "AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll c:\progra~1\BULLGU~1\BULLGU~1\BgAgent.dll
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
     @="Service"
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
     2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-992474526-248551049-2733349607-1000]
     "EnableNotificationsRef"=dword:00000001
     .
     R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [x]
     .
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
     WindowsMobile REG_MULTI_SZ wcescomm rapimgr
     LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
     HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
     LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
     BullGuard_Main REG_MULTI_SZ BsMain
     BullGuard REG_MULTI_SZ BsFileScan BsFire
     BullGuard_LowPriv REG_MULTI_SZ BsBrowser
     hpdevmgmt REG_MULTI_SZ hpqcxs08
     BullGuard_Backup REG_MULTI_SZ BsBackup
     BullGuard_Proxy REG_MULTI_SZ BsMailProxy
     .
     Inhoud van de 'Gedeelde Taken' map
     .
     2013-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 09:37]
     .
     2013-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-04-18 11:33]
     .
     2013-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-04-18 11:33]
     .
     2013-03-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-992474526-248551049-2733349607-1000Core.job - c:\users\francois\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29 16:34]
     .
     2013-03-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-992474526-248551049-2733349607-1000UA.job - c:\users\francois\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29 16:34]
     .
     .
     ------- Bijkomende Scan -------
     .
     uStart Page = hxxp://www.google.be/
     mStart Page = hxxp://www.telenet.be
     mWindow Title = Telenet Internet
     uInternet Settings,ProxyOverride = *.local
     uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
     IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
     LSP: c:\windows\system32\BGLsp.dll
     Trusted Zone: kapaza.be\www
     TCP: DhcpNameServer = 195.130.131.132 195.130.130.4
     DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} - hxxp://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab
     .
     - - - - ORPHANS VERWIJDERD - - - -
     .
     SafeBoot-WudfPf
     SafeBoot-WudfRd
     MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe
     AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
     .
     .
     .
     **************************************************************************
     .
     catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
     Rootkit scan 2013-03-31 14:25
     Windows 6.0.6002 Service Pack 2 NTFS
     .
     detected NTDLL code modification: ZwOpenFile
     .
     scannen van verborgen processen ...
     .
     scannen van verborgen autostart items ...
     .
     scannen van verborgen bestanden ...
     .
     Scan succesvol afgerond
     verborgen bestanden: 0
     .
     **************************************************************************
     .
     --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000001
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000000
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000000
     .
     --------------------- DLLs Geladen Onder Lopende Processen ---------------------
     .
     - - - - - - - > 'Explorer.exe'(156)
     c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
     c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
     c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
     c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
     .
     ------------------------ Andere Aktieve Processen ------------------------
     .
     c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
     c:\windows\System32\LEXBCES.EXE
     c:\windows\System32\LEXPPS.EXE
     c:\windows\system32\conime.exe
     c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     c:\program files\Bonjour\mDNSResponder.exe
     c:\program files\Common Files\LightScribe\LSSrvc.exe
     c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
     c:\windows\System32\rundll32.exe
     c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
     c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
     c:\windows\System32\WUDFHost.exe
     c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
     c:\progra~1\COMMON~1\X10\Common\x10nets.exe
     c:\windows\system32\wbem\unsecapp.exe
     c:\program files\iPod\bin\iPodService.exe
     c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
     c:\program files\IncrediMail\bin\IMApp.exe
     c:\windows\System32\wsqmcons.exe
     c:\windows\system32\sdclt.exe
     c:\windows\servicing\TrustedInstaller.exe
     .
     **************************************************************************
     .
     Voltooingstijd: 2013-03-31 14:33:13 - machine werd herstart
     ComboFix-quarantined-files.txt 2013-03-31 12:33
     .
     Pre-Run: 199.963.607.040 bytes beschikbaar
     Post-Run: 200.718.774.272 bytes beschikbaar
     .
     - - End Of File - - 3448E8D7885D0A459B0B25E1B310A3B4
  6. Kape, Here is the log
  7. Kape, Despite the big clean-up, when I started Google this morning there were again some 40 of these IncrediMail advertising messages in the Google history. Are there any other ways to stop this? Regards, Dummy
  8. Kape, Apparently the cleaner did indeed remove a load of junk, but how does all this stuff get past the protection of Vista and the (paid version of BullGuard)? May I clean up the whole lot with AdwCleaner at regular intervals? I would like to thank you and the whole team once again for the fast and efficient help. Dummy
     # AdwCleaner v2.115 - Verslag gemaakt op 30/03/2013 om 13:06:33
     # Geactualiseerd op 17/03/2013 door Xplode
     # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)
     # Gebruiker : francois - PC_VAN_FRANCOIS
     # Opstarten Modus : Normale modus
     # Gelanceerd vanaf : C:\Users\francois\Downloads\adwcleaner.exe
     # Optie [Verwijderen]
  9. Kape, (Today there are already 40 of these messages in my internet history.) Here is the requested log.
     # AdwCleaner v2.115 - Verslag gemaakt op 30/03/2013 om 12:00:44
     # Geactualiseerd op 17/03/2013 door Xplode
     # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)
     # Gebruiker : francois - PC_VAN_FRANCOIS
     # Opstarten Modus : Normale modus
     # Gelanceerd vanaf : C:\Users\francois\Downloads\adwcleaner.exe
     # Optie [Zoeken]
  10. Jion, Here is the requested log.

      Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:56:10, on 30/03/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal
  11. Good morning, For several weeks now I have been receiving daily messages via Google (img)? urging me to buy new IncrediMail products, up to 15 a day. They fill up each day's history in Google. But when I click on them, nothing happens. Can you tell me how to get rid of them? Thanks in advance, Dummy
  12. MAXSTAR, Here is the log; apparently it is not a virus. The attached image also shows that the slowdown is not due to an overfull computer (I think).

      Malwarebytes Anti-Malware 1.70.0.1100
      Malwarebytes : Free anti-malware download
      Databaseversie: v2013.01.26.05
      Windows Vista Service Pack 2 x86 NTFS
      Internet Explorer 9.0.8112.16421
      francois :: PC_VAN_FRANCOIS [administrator]
      26/01/2013 14:01:44
      mbam-log-2013-01-26 (14-01-44).txt
      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 212240
      Verstreken tijd: 7 minuut/minuten, 25 seconde(n)
      Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
      Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)

      In the meantime I have installed Paint NET (and removed the original Paint) and it works fine, so I think we can consider this solved. Thanks for the help. Dummy (einde)
  13. Good afternoon, When I try to start Paint the computer becomes very slow; now, a few days later, the whole system is slowing down. Here is a logfile; maybe you can work out the fault from it. Thanks in advance; Dummy

      Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:04:11, on 26/01/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal
  14. Dummy

    google

    Good afternoon, When typing a word into Google Belgium I used to get a sidebar with the options "Page in Dutch" and "Pages from Belgium" and a few other options. This was quite handy, and it has now disappeared. Can anyone tell me how to get it back? Thanks in advance, Dummy ;-)
  15. Kape, Here are the logs, and it already looks a lot better. Can I also use Malwarebytes Anti-Malware later on, or would I have to buy it then?

      Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:39:29, on 23/12/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal
- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: UMVPFSrv - Logitech Inc. 
- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 12112 bytes Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.12.23.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 francois :: PC_VAN_FRANCOIS [administrator] Realtime bescherming: Ingeschakeld 23/12/2012 11:15:01 mbam-log-2012-12-23 (11-15-01).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 227630 Verstreken tijd: 14 minuut/minuten, 32 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  16. Jion, Here is the requested log. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:05:04, on 22/12/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\System32\rundll32.exe C:\Program Files\BrowserCompanion\BCHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Windows\ehome\ehtray.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe C:\Program Files\FinePixViewerS\QuickDCF2.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\taskeng.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.6\ytdToolbarIE.dll R3 - URLSearchHook: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\prxtbTog2.dll R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll O1 - Hosts: ::1 localhost O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: ToggleDU - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\prxtbTog2.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program 
Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.6\ytdToolbarIE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\prxtbTog2.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.6\ytdToolbarIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe O4 - HKLM\..\Run: [instantOn] "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe /c " O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - 
HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [bullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [Google Update] 
"C:\Users\francois\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Exif Launcher S.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} 
(QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll O20 - AppInit_DLLs: BgGamingMonitor.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player 
Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. 
- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 14782 bytes
  17. Dear Jion, Thanks for the quick reply, I'll get started on it right away. Dummy
  18. Hello, What can I do about those annoying pop-ups about Search Settings that keep coming back? Regards, dummy
  19. ProMind, Thanks for the quick reply. Given the high price of this converter, I will just keep this camera.
  20. Good afternoon, I have just been given a surveillance camera (an older one, replaced because of an upgrade): a super high-res day and night color camera. 220v-50Hz 4.5 W. The output is via a coax cable. Can anyone tell me how I can get its images onto my computer? The only coax connector on the back of the computer is for the television signal. Is a converter perhaps needed, and is this an expensive operation? Thanks in advance, Dummy
  21. Clarkie, I gave the pen to the guys from I.T. at my work, and they concluded that there is indeed a fault in the pen itself. So I am going to send the pen back to the seller and hope for a replacement. Thanks for all the help. Dummy
  22. clarkie, At the moment I don't have a solution yet; because of my leave the problem has been put on "stand by". But I will certainly keep you informed. Regards, Dummy
  23. Clarkie, Despite all your good advice, I am not managing to bring this operation to a good end myself. I am going to ask a local expert to sort this out on my computer. Still, I want to thank you for your endless patience with people like me. Regards, Dummy