Mystart by incredibar

[joernst]

Ik probeer aan de hand van informatie over dit onderwerp op deze site de Mystart incredibar te verwijderen.

Heb HJT gedownload, de scan gemaakt en copie ervan voeg ik hier bij.

Maar nu staakt mijn kennis om verder te komen. Kunt u mij helpen hoe verder te gaan.

Alvast bedankt,

Joernst

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:41:01, on 15-2-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Windows\SOUNDMAN.EXE

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Users\Jo\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120714172952.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: vToolbarUpdater14.1.7 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe

--

End of file - 10746 bytes

[juisterr]

Hallo, we gaan de volgende tool inzetten. zoek.exe ®by smeenk

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  startupall;
  filesrcm;
  emptyclsid;
  

  
  

• Vink nu de onderstaande opties aan.
  
  • 
    
    
  • Standaard Search
    
  • Auto Clean
    
  • Running processes
    
  • Empty All Temp
    
  • IE Defaults
    
    

  [*] Klik nu op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[joernst]

Nadat de pc werd afgesloten was mijn antwoordbox weg, ik hoop dat je dit bericht alsnog krijgt.

Dank voor de snelle reactie.

Ik had het probleem met Mystart iuncredibar al opgelost volgens de aanwijzingen die ik op deze site vond, i.c. met behulp van Adwcleaner. Daarna had ik nog een soortgelijk probleem met utorrent toolbar. en die heb ik hoop ik ook opgelost.

Niettemin heb ik toch jouw zoe.exe uitgevoerd waarvan hier het rapport.

Ben benieuwd of er nog zaken te repareren zijn. Alvast bedankt

groet

joernst

Zoek.exe Version 4.0.0.1 Updated 13-February-2013

Tool run by Jo on vr 15-02-2013 at 22:21:26,04.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Windows\system32\UI0Detect.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Windows\SOUNDMAN.EXE

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

c:\PROGRA~1\mcafee\msc\mcupdmgr.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Users\Jo\Downloads\zoek.exe

C:\Windows\system32\conhost.exe

c:\PROGRA~1\mcafee\SITEAD~1\saui.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4028878574-752398548-4266132882-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5799845D-F531-4196-ABBF-5E010CB7B65D} deleted successfully

HKEY_USERS\S-1-5-21-4028878574-752398548-4266132882-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D193F14E-AAC3-495D-983A-E8BFC9739606} deleted successfully

==== Deleting CLSID Registry Values ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\2yynat80.default

user.js not found

---- Lines incredibar removed from prefs.js ----

user_pref("extensions.incredibar.actvtyRptTime", "1357389673839");

user_pref("extensions.incredibar.admin", false);

user_pref("extensions.incredibar.aflt", "orgnl");

user_pref("extensions.incredibar.afterInstallRpt", "sent");

user_pref("extensions.incredibar.cntry", "BE");

user_pref("extensions.incredibar.dfltLng", "EN");

user_pref("extensions.incredibar.dfltSrch", false);

user_pref("extensions.incredibar.did", "10674");

user_pref("extensions.incredibar.envrmnt", "production");

user_pref("extensions.incredibar.excTlbr", false);

user_pref("extensions.incredibar.hdrMd5", "42931343EC46E57F67FD8408554F4A58");

user_pref("extensions.incredibar.hmpg", false);

user_pref("extensions.incredibar.id", "64f1b579000000000000000c76b0b48a");

user_pref("extensions.incredibar.installerproductid", "26");

user_pref("extensions.incredibar.instlDay", "15710");

user_pref("extensions.incredibar.instlRef", "");

user_pref("extensions.incredibar.isDcmntCmplt", true);

user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1413:24:51");

user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

user_pref("extensions.incredibar.newTab", false);

user_pref("extensions.incredibar.noFFXTlbr", false);

user_pref("extensions.incredibar.ppd", "");

user_pref("extensions.incredibar.prdct", "incredibar");

user_pref("extensions.incredibar.productid", "26");

user_pref("extensions.incredibar.prtnrId", "Incredibar");

user_pref("extensions.incredibar.sg", "none");

user_pref("extensions.incredibar.smplGrp", "none");

user_pref("extensions.incredibar.tlbrId", "base");

user_pref("extensions.incredibar.tlbrSrchUrl", "");

user_pref("extensions.incredibar.upn2", "6R8Qp86pPP");

user_pref("extensions.incredibar.upn2n", "92825694425741601");

user_pref("extensions.incredibar.vrsn", "1.5.11.14");

user_pref("extensions.incredibar.vrsnTs", "1.5.11.1413:24:51");

user_pref("extensions.incredibar.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.did", "10674");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.id", "64f1b579000000000000000c76b0b48a");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.instlDay", "15710");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.ppd", "");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.tlbrSrchUrl", "");

user_pref("extensions.incredibar_i.upn2", "6R8Qp86pPP");

user_pref("extensions.incredibar_i.upn2n", "92825694425741601");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1413:24:51");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

---- Lines incredibar modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2849859&SearchSource=3&q={searchTerms}");

user_pref("browser.startup.homepage", "http://search.conduit.com/?ctid=CT2849859&SearchSource=13");

user_pref("extensions.ghostery.blockingLog", "Blocked cookie: gid on .search.conduit.com/ with value: GOOGLE_BE loaded from null\nBlocked cookie: gil on .search.conduit.com/ with value: nl-BE loaded from null\nBlocked cookie: UserId on .search.conduit.com/ with value: 03d52a7d-491d-4293-a6bb-3081dd825c40 loaded from null\nBlocked cookie: UserData on .search.conduit.com/ with value: 2013-02-16T00:13:47 loaded from null\nBlocked cookie: UHP on .search.conduit.com/ with value: true loaded from null\nBlocked cookie: TestExUserInter on .search.conduit.com/ with value: TestRet loaded from null\nBlocked cookie: _GPL_it on .search.conduit.com/ with value: 1 loaded from null\n");

user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2849859&SearchSource=2&CUI=SB_CUI&UM=UM_ID&q=");

user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&SearchSource=2&CUI=UN95117834827661547&q=");

user_pref("Smartbar.ConduitSearchEngineList", "uTorrentBar_NL Customized Web Search");

user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&SearchSource=2&CUI=UN95117834827661547&q=");

---- Lines conduit modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultthis.engineName", "BittorrentBar_NL Customized Web Search");

user_pref("browser.search.selectedEngine", "BittorrentBar_NL Customized Web Search");

---- Lines Web Search modified from prefs.js ----

---- Lines Customized removed from prefs.js ----

user_pref("browser.search.defaultthis.engineName", "BittorrentBar_NL Customized Web Search");

user_pref("browser.search.selectedEngine", "BittorrentBar_NL Customized Web Search");

---- Lines Customized modified from prefs.js ----

---- Lines y2layers removed from prefs.js ----

user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");

user_pref("extentions.y2layers.installId", "3221dc6f-c57a-4a9c-b05b-e6ebbb7480a1");

---- Lines y2layers modified from prefs.js ----

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "135fc906ace402495cc6a4e6f1f14011");

---- Lines crossrider modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3,{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1,iobit@mybrowserbar.com:4.3,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,quickstores@quickstores.de:1.1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");

---- Lines smartbar removed from prefs.js ----

user_pref("Smartbar.keywordURLSelectedCTID", "CT2865317");

user_pref("smartbar.machineId", "0PAML0XBULDP+BPCVLJX4JGEYU8YUEOEEGCW4PO5LYP4P6WX8/A5LAEK81CP9CDA8C6TIJKMMWYPJFFZBR10EQ");

user_pref("smartbar.originalSearchAddressUrl", "");

user_pref("smartbar.originalSearchEngine", "Google");

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_15-02-2013_2231_.backup

ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\jx9xbrh1.backup profiel

user.js not found

---- Lines incredibar removed from prefs.js ----

---- Lines incredibar modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines Customized removed from prefs.js ----

---- Lines Customized modified from prefs.js ----

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines crossrider removed from prefs.js ----

---- Lines crossrider modified from prefs.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_15-02-2013_2231_.backup

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted

"C:\user.js" deleted

"C:\Windows\system32\roboot.exe" deleted

"C:\Program Files\Yontoo" deleted

"C:\Users\Jo\AppData\Roaming\Systweak" deleted

"C:\ProgramData\WoW Worldwide Software LTD" deleted

"C:\ProgramData\InstallMate" deleted

"C:\Users\Jo\AppData\Local\CRE" deleted

"C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted

"C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\2yynat80.default\jetpack" deleted

"C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\jx9xbrh1.backup profiel\extensions\ffxtlbr@incredibar.com" deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)

Internet Explorer: 9.0.8112.16421

Memory (RAM): 2048 MB

CPU Info: AMD Athlon 64 Processor 3200+

CPU Speed: 1959,8 MHz

Sound Card: Luidsprekers (Realtek AC'97 Aud |

Realtek Digital Output (Realtek |

Display Adapters: Radeon X1650 Series (Microsoft Corporation - WDDM) | Radeon X1650 Series (Microsoft Corporation - WDDM) | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen niet-PnP-beeldscherm |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Realtek PCI GBE Family Controller

CD / DVD Drives: 1x (D: | ) D: _NEC DVD_RW ND-3540A

Ports: COM1 LPT1

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 233,7GB

Hard Disks - Free: C: 166,8GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 01/10/05 | DELL - 10

Time Zone: West-Europa (standaardtijd)

Motherboard *: MSI MS-6702E

Sun Java version: 1.7.0_13

Country: Nederland

Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Jo\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-02-12 16:45:17 E828134279A6BB5EF3032F9B88D335F9 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-02-15 18:06:59 -------- d-----w- C:\Program Files\VS Revo Group

2013-02-15 12:11:26 -------- d-----w- C:\Program Files\Mozilla Maintenance Service

======= C: =====

2013-02-15 17:55:48 0C1D3B0255F3712AC60D698AB2485C16 13085 ----a-w- C:\AdwCleaner[s3].txt

2013-02-15 17:55:11 AE1BFABA68A2729BB953315C694208B3 267 ----a-w- C:\AdwCleaner[s2].txt

2013-02-15 17:53:39 9A2226BD58AB0F67ECAF021E6981D7FC 12671 ----a-w- C:\AdwCleaner[R1].txt

2013-02-15 17:21:50 2583B41DEA0C70E83D9771194BA7DE73 34133 ----a-w- C:\AdwCleaner[s1].txt

====== C:\Users\Jo\AppData\Roaming ======

2013-02-12 16:32:34 -------- d-----w- C:\users\Jo\AppData\Roaming\TeamViewer

====== C:\Users\Jo ======

2013-02-15 17:18:55 7EF2009A2EF6E8DAF10254B9F786999B 9 ----a-w- C:\Users\Jo\ist.txt

====== C: exe-files ==

2013-02-15 20:48:08 40B6793676AA57A517518876B1F58C5E 832664 ----a-w- C:\Windows\Temp\0031041360961288mcinst.exe

2013-02-15 18:07:01 C91D2962373AE6B473C61C1F4B3596BD 87544 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe

2013-02-15 18:05:59 979E536F75C1512CA0A13E07835A40FD 2617648 ----a-w- C:\Users\Jo\Downloads\revosetup.exe

2013-02-15 17:52:20 D0602D8D4A7D346906BB8DD9E79EB3D6 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-4028878574-752398548-4266132882-1000\$IKGQG6H.exe

2013-02-15 17:21:07 52F21EB2C7960E8523C64A867D7C6A06 580883 ----a-w- C:\Users\Jo\Downloads\Installer AdwCleaner.exe

2013-02-15 17:17:04 7D3B30D3A13A9C2FD0122A5121E04F90 119744 ----a-w- C:\Users\Jo\Downloads\adwcleaner.exe

2013-02-15 12:11:27 F59814FBEF50A58BFC0E0F14B2805245 105758 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe

2013-02-15 12:11:26 51A84B690DF519DCF656F780243D953E 115608 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

2013-02-15 12:05:38 8E9DD54BC47AD061220AD8F0CE9F66B2 20836472 ----a-w- C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3JK0PJXT\Firefox Setup 18.0.2.exe

2013-02-11 16:52:08 0D7ADA905282247F87161BE6E0A0B93D 4189792 ----a-w- C:\Users\Jo\Downloads\ccsetup327.exe

2013-02-11 16:30:08 92F6A63442173ABC16722A0B162067E3 464560 ----a-w- C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\14.1.7\DriverInstaller.exe

2013-02-11 16:29:54 87C57CBE385E00726A2113614F6C6BD2 965296 ----a-w- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe

2013-02-11 16:29:49 57032A2083797059BFC0053F246156D0 1205424 ----a-w- C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.1.7\ScriptHelper.exe

=== C: other files ==

2013-02-15 17:21:24 99A5E5ED634700498843650898EC9A78 477 ----a-w- C:\Users\Jo\AppData\Local\Temp\Uninst.bat

2013-02-15 10:26:36 D72E9AE22849DFF6E2E1BC658536421D 14886 ----a-w- C:\Users\Jo\AppData\Local\Nokia\NSU3\NOSSU2\types\rm-217\M00001_RM-217_v00005.zip

2013-02-14 21:46:38 7114070D9BDA5901B692D896A001EC95 12638576 ----a-w- C:\Users\Jo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll

2013-02-12 16:45:17 E828134279A6BB5EF3032F9B88D335F9 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2013-02-11 16:47:32 3181296C1731FD6F4251FE9BF2B5AF0A 155392 ----a-w- C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb\2.3.19.11_0\plugins\ChromeAutoApproveTB.dll

2013-02-11 16:47:32 0B45A206990CA3BEA34F527FB2007D0A 116480 ----a-w- C:\Users\Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb\2.3.19.11_0\plugins\ChromeApproveTBPlugin.dll

2013-02-11 16:30:34 2F9BBA66997014FA1A1C28C6C5A3B647 237077 ----a-w- C:\ProgramData\AVG Secure Search\ChromeExt\14.1.0.10\avg.crx

2013-02-11 16:30:10 FB12BE10CF35A6E947987D8CE1DC675B 562352 ----a-w- C:\Program Files\Common Files\AVG Secure Search\RewardsInstaller\14.1.7\AVGRewardsWorker.dll

2013-02-11 16:30:10 7FA4620D653F5C123DD16843464B3DC0 568496 ----a-w- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.1.7\avgdttbx.dll

2013-02-11 16:30:10 773E38EA673356399FEB9E0394BD2186 495792 ----a-w- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll

2013-02-11 16:30:04 69DD39AA9C203AE6A7656F799F9EA500 768176 ----a-w- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\npsitesafety.dll

2013-02-11 16:30:04 4D443FA17889894E75B6D6E39BC98D6E 156848 ----a-w- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\SiteSafety.dll

2013-02-11 16:29:22 1AB87C7D4A14AA1A1D8AE9051FB19BE2 1920688 ----a-w- C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4028878574-752398548-4266132882-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe"

"SoundMan"="SOUNDMAN.EXE"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"vProt"="C:\Program Files\AVG Secure Search\vprot.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeAAMUpdater-1.0"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GrooveMonitor"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyTomTomSA.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MyTomTomSA.exe"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\MyTomTom 3\\MyTomTomSA.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NokiaSuite.exe"

"hkey"="HKCU"

"command"="C:\\Program Files\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NSU_agent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NSU_agent"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu3ui_agent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PC Suite Tray"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Picasa Media Detector]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Picasa Media Detector"

"hkey"="HKCU"

"command"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TomTomHOME.exe"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UnlockerAssistant"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]

"item"="OpenOffice.org 3.3 "

"path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk"

"backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~1\\OPENOF~1.ORG\\program\\QUICKS~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer8]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TomTomHOMEService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vToolbarUpdater14.1.7]

==== Startup Folders ======================

2012-11-05 10:14:54 1280 ----a-w- C:\users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

2012-11-05 10:14:54 2004 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 13:25]

C:\Windows\tasks\DriverNavigator Scheduled Scan.job --a------ C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [03-03-2011 10:49]

C:\Windows\tasks\FreeFileViewerUpdateChecker.job --a------ C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe [13-10-2012 11:16]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\2yynat80.default

- Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor

- McAfee ScriptScan for Firefox - C:\Program Files\Common Files\McAfee\SystemCore

- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org

- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org

- Ghostery - %ProfilePath%\extensions\firefox@ghostery.com

- Dictionnaire franais Classique - %ProfilePath%\extensions\fr-classique@dictionaries.addons.mozilla.org

- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

- Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\2yynat80.default

2ABE014A1E38EB4F597B3DE1356C347F - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U13

2616B4D6D04F18C579B7861F02B0B592 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.130.20

69DD39AA9C203AE6A7656F799F9EA500 - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\npsitesafety.dll - AVG SiteSafety plugin

F733C59712465B0BD2130BB7C1A6D6E3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll - Shockwave Flash

75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner +

F7B27774DAF8660ADD71EA29AE8C1B1A - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin

89AC2634B447B7917CC8CF99127CF50D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

6F4F3E329FCD6CD3FE5D899C902F5611 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

6F4F3E329FCD6CD3FE5D899C902F5611 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

6B171450E38C8569DA7258FEE21E7D17 - C:\Program Files\Picasa2\npPicasa3.dll - Picasa

1E0BE34388EAE50753DBA528474DC9D5 - C:\Program Files\McAfee\SiteAdvisor\NPMcFFPlg32.dll - McAfee SiteAdvisor

C7794A997CEC29173A4401F3AE16C51F - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery

711A2E6A55EC7BFD59B5F649D58B704B - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll - Silverlight Plug-In

414BADCE0803E142B5B57322E85103AC - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In

5E947691097BA0A9AA4B8E44A4B9FEB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

625D0A824F513CE1CABB8861E97F2142 - C:\Program Files\Picasa2\npPicasa2.dll - Picasa

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

21A55BABD31DA624449F06A591AE73ED - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrlui.dll - Microsoft ® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Jo\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[04-12-2012 10:47]

jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[30-05-2012 15:56]

jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files\TornTV.com\torn11.crx[]

kiplfnciaokpcennlkldkdaeaaomamof - C:\Users\Jo\AppData\Local\Torch\Plugins\TorchPlugin.crx[03-01-2013 14:24]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Jo\AppData\Local\Temp\ccex.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\14.1.0.10\avg.crx[11-02-2013 17:27]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Jo\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

YouTube - Jo - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

uTorrentBar_NL - Jo - Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb

Google Search - Jo - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

SiteAdvisor - Jo - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Freemake Video Converter - Jo - Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj

Test - Jo - Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof

Do not perform blocking on these sites: - Jo - Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij

Trackers on this page - Jo - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Gmail - Jo - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.com/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{18896719-5C51-41CE-A2AC-7A7F6A01BFC0}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{06B59BC3-868F-4786-BD27-429683082018} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=685749&p={searchTerms}"

{18896719-5C51-41CE-A2AC-7A7F6A01BFC0} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

{4B2BB6FD-1D02-4324-A8A0-6BB960A03A57} Secure-zoeken Url="http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={4343C6DD-8CE1-4437-9B13-2C1230A2D620}&mid=11f20a09197b47d0bae9d14530545d79-b602d594afd2b0b327e07a06f36ca6a7e42546d0〈=en&ds=qw011&pr=sa&d=2012-11-05"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

==== HijackThis Entries ======================

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120714172952.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll

O23 - Service: McAfee Application Installer Cleanup (0031041360961288) (0031041360961288mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\003104~1.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Jo\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Jo\AppData\Local\Mozilla\Firefox\Profiles\2yynat80.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Jo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Jo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

[juisterr]

Er is behoorlijk veel verwijderd van je pc, vertel eens hoe het op het moment gaat betreffende de problemen?

[joernst]

Dag Juisterr,

Het lijkt erop dat alles prima werkt, ook heb ik de indruk dat de pc een stuk sneller is. Dus wat mij betreft is dit probleem opgelost. Tenzij jij nog bedenkingen hebt.

In elk geval bedankt

Joernst

[juisterr]

Voer sowieso nog even een volledige systeemscan uit en wijzig alle gebuikte wachtwoorden, maar dat staat hieronder verder beschreven.

De volgende programma's en bijbehorende log bestanden mag je verwijderen. MBAM en de Emsisoft Emergency Kit kan je gewoon blijven gebruiken om periodiek de computer te scannen (wel eerst updaten).

• Zoek.exe
  
• HijackThis
  

Aangezien de problemen zijn verholpen adviseer ik u nog wel even het onderstaande uit te voeren.

1.) Volledige systeemscan

Ik raad u aan om met behulp van de Emsisoft Emergency Kit nog een volledige systeemscan uit te voeren, op de onderstaande link treft u de handleiding van dit programma.

• Handleiding Emsisoft Emergency Kit
  

Mochten er nog speciale detecties zijn waarvan u niet weet wat u het beste kan doen dan kunt u uw vraag stellen in de sectie Antivirus / Antispy(mal)ware / Firewalls en overige security software

2.) Systeemherstelpunten verwijderen

Als de computer geïnfecteerd is geweest met een malware infectie is het raadzaam om alle aanwezige systeemherstelpunten te verwijderen, want hier kunnen namelijk besmette herstelpunten tussen zitten.

• Hoe u de herstelpunten verwijderd leest u hier
  

3.) Wachtwoorden wijzigen

De meeste malware maakt een uitgaande verbinding met een Command & Control-server waarbij er vertrouwelijke gegevens zoals bijvoorbeeld inloggegevens worden buitgemaakt, indien uw computer geïnfecteerd is geweest is het dan ook raadzaam om al uw gebruikte wachtwoorden te wijzigen.

Meer informatie hierover leest u hier

4.) Installeren van essentiële updates.

Hoe u uw besturingssysteem en overige software up to date houdt kunt u hier lezen.

Door middel van het programma Secunia PSI wordt u automatisch gewaarschuwd indien er updates voor de geïnstalleerde software beschikbaar is, meer informatie leest u hier

5.) Pas op voor 'Phishing' berichten.

Phishing is een vorm van internet oplichting (fraude), met valse e-mailberichten en websites die er vertrouwd uitzien wordt er getracht 'logingegevens' en andere persoonlijke informatie te achterhalen.

Dit gebeurt vaak op hele slinkse manieren, zoals bijvoorbeeld e-mailberichten waarin u gevraagd wordt uw inloggegevens te verifiëren, in deze gevallen wordt u vaak naar een valse (clone) website gestuurd, zodra u uw gegevens hier hebt ingevoerd zijn deze in de handen van de kwaadwillende met alle gevolgen van dien.

Meer informatie leest u hier

6.) Preventie informatie & het gebruik van beveiligings software.

Om de kans op een her-infectie te minimaliseren kan je naast de gebruikte beveiligingssoftware een aanvullende malwarescanner installeren zoals Emsisoft Anti-Malware of Malwarebytes' Antimalware om de bescherming te optimaliseren.

Hier staat meer informatie hoe u een infectie in de toekomst kunt voorkomen, lees dit eens op uw gemak door.