Ga naar inhoud

pop ups


Aanbevolen berichten

Hoi Help forum

Krijg vervelende pop ups in beeld

Er zijn woorden die schuin gedrukt staan als ik daar op komt te staan met mijn muis dan verschijnt er reclame

Vorig jaar ook al een keer zoiets gehad en ben door jullie super begeleid in het oplossen hiervan

Kan ik zo'n zelfde procedure nog een keer doen en willen juliie mij daar dan wat advies in geven

Groet Roel

Link naar reactie
Delen op andere sites

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.


2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)


3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

Link naar reactie
Delen op andere sites

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:03:29, on 29-4-2012

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.19088)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Olympus\ib\olycamdetect.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\ProgramData\GameXN\GameXNGO.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\sdclt.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\IPS\IPSBHO.DLL

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent

O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [GameXN (update)] "C:\ProgramData\GameXN\GameXNGO.exe" /u

O4 - HKCU\..\Run: [GameXN (news)] "C:\ProgramData\GameXN\GameXNGO.exe" /n

O4 - HKCU\..\Run: [GameXN] "C:\ProgramData\GameXN\GameXNGO.exe" /silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - MSN Games - Free Online Games

O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} (CInstallLPCtrl Object) - http://u3.sandisk.com/download/apps/LPInstaller.CAB

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 10288 bytes

- - - Updated - - -

Hoop dat het zo goed is gegaan

- - - Updated - - -

Hoop dat het zo goed is gegaan

Link naar reactie
Delen op andere sites

Kijk eens naar datum en uur van het logje:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:03:29, on 29-4-2012

Ofwel zijn er problemen met de datuminstelling van de PC, ofwel is dit een oud logje van HijackThis dat zich nog op de PC bevond ?

Kan je eens een actueel logje aanmaken en dit in een volgende bericht hangen.

Link naar reactie
Delen op andere sites

Sorry

Zal inderdaad een oud logje geweest zijn

Deze is beter

groet Roel

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:45:49, on 18-8-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16502)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ExpressFiles\EFUpdater.exe

C:\Windows\system32\taskeng.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Olympus\ib\olycamdetect.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Froggy.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: MrFroggy - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files\Minibar\Froggy.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Minibar BHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Kango.dll

O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent

O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Change your facebook look - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\MinibarButton.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - MSN Games - Free Online Games

O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} (CInstallLPCtrl Object) - http://u3.sandisk.com/download/apps/LPInstaller.CAB

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files\WebCake\WebCakeDesktop.Updater.exe

--

End of file - 13682 bytes

Link naar reactie
Delen op andere sites

Ga naar Start - Alle programma's - Bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor “uitvoeren als administrator” om het opdrachtprompt te openen.

Tik in: sc stop "Web Assistant Updater" en druk op Enter.

Tik in: sc delete "Web Assistant Updater" en druk op Enter.

Tik in: sc stop "WebCake Desktop Updater" en druk op Enter.

Tik in: sc delete "WebCake Desktop Updater" en druk op Enter.

Tik in: sc stop DatamngrCoordinator en druk op Enter.

Tik in: sc delete DatamngrCoordinator en druk op Enter.

Tik in exit en druk Enter.

Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Froggy.dll

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: MrFroggy - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files\Minibar\Froggy.dll

O2 - BHO: Minibar BHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Kango.dll

O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Change your facebook look - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\MinibarButton.dll

O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download 51a46ae42d560-malwarebytes_anti_malware.pngMalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)

  • Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  • Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  • Druk vervolgens op "Scannen" om de scan te starten.
  • Het scannen kan een tijdje duren, dus wees geduldig.
  • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  • Herstart de computer indien nodig en post hierna de log in het volgende bericht, samen met een nieuw logje van HijackThis.

Link naar reactie
Delen op andere sites

hallo kape

Alle instructies gevolgd.

Alleen is het scannen van de malware bytes anti malware in tweeen gegaan ( dacht dat het programma vastgelopen was )

allebei de logjes bij gevoegd

Malwarebytes

Databaseversie: v2012.04.29.01

Windows Vista Service Pack 1 x86 NTFS

Internet Explorer 8.0.6001.19088

QMOTION :: PC_VAN_QMOTION [administrator]

29-4-2012 14:30:11

mbam-log-2012-04-29 (14-30-11).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 232345

Verstreken tijd: 10 minuut/minuten, 29 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 1

C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Zal worden verwijderd tijdens het herstarten.

Registersleutels gedetecteerd: 6

HKCR\Interface\{66666666-6666-6666-6666-660066226658} (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 4

C:\Users\QMOTION\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\QMOTION\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\QMOTION\AppData\Local\I Want This (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\QMOTION\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 1

C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Zal worden verwijderd tijdens het herstarten.

(einde)Malwarebytes Anti-Malware 1.75.0

Databaseversie: v2013.08.19.04

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

QMOTION :: PC_VAN_QMOTION [administrator]

19-8-2013 20:38:05

mbam-log-2013-08-19 (20-38-05).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 268499

Verstreken tijd: 5 minuut/minuten, 20 seconde(n)

Geheugenprocessen gedetecteerd: 1

C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 3964 -> Zal worden verwijderd tijdens het herstarten.

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 9

C:\Users\QMOTION\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\QMOTION\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 1

C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Zal worden verwijderd tijdens het herstarten.

(einde)Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:02:20, on 19-8-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16502)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ExpressFiles\EFUpdater.exe

C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe

C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Olympus\ib\olycamdetect.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - MSN Games - Free Online Games

O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} (CInstallLPCtrl Object) - http://u3.sandisk.com/download/apps/LPInstaller.CAB

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 11895 bytes

aangepast door kape
dubbellog verwijderd
Link naar reactie
Delen op andere sites

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Klik vervolgens op Verwijderen.
  • Klik bij AdwCleaner – Informatie op OK
  • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.

Nadat de PC opnieuw is opgestart, opent een logfile.

Post aansluitend de inhoud van dit log in je volgende bericht.

Link naar reactie
Delen op andere sites

Als ik adw cleaner aanklik download hij het progamma en opent het progamma

is het dan de bedoeling dat ik eerst een scan maakt en die dan later met de button clean opschoon

bijgaand een logje van de scan die adw cleaner gemaakt heeft

AdwCleaner v3.000 - Report created 20/08/2013 at 19:14:01

# Updated 20/08/2013 by Xplode

# Operating System : Windows Vista Home Basic Service Pack 2 (32 bits)

# Username : QMOTION - PC_VAN_QMOTION

# Running from : C:\Users\QMOTION\Downloads\adwcleaner (1).exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\user.js

File Found : C:\Windows\System32\Tasks\Dealply

File Found : C:\Windows\System32\Tasks\DealPlyUpdate

Folder Found : C:\Users\QMOTION\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Folder Found C:\Program Files\Conduit

Folder Found C:\Program Files\DealPly

Folder Found C:\Program Files\ExpressFiles

Folder Found C:\Program Files\I Want This

Folder Found C:\Program Files\LayoutsExpress

Folder Found C:\Program Files\Minibar

Folder Found C:\Program Files\TornTV.com

Folder Found C:\Program Files\vShare

Folder Found C:\Program Files\Web Assistant

Folder Found C:\Program Files\WebCake

Folder Found C:\Program Files\WiseConvert

Folder Found C:\ProgramData\Babylon

Folder Found C:\Users\QMOTION\AppData\Local\Babylon

Folder Found C:\Users\QMOTION\AppData\Local\Conduit

Folder Found C:\Users\QMOTION\AppData\Local\Minibar

Folder Found C:\Users\QMOTION\AppData\LocalLow\BabylonToolbar

Folder Found C:\Users\QMOTION\AppData\LocalLow\Conduit

Folder Found C:\Users\QMOTION\AppData\LocalLow\iac

Folder Found C:\Users\QMOTION\AppData\LocalLow\ilividmoviestoolbardla

Folder Found C:\Users\QMOTION\AppData\LocalLow\incredibar.com

Folder Found C:\Users\QMOTION\AppData\LocalLow\Minibar

Folder Found C:\Users\QMOTION\AppData\LocalLow\PriceGong

Folder Found C:\Users\QMOTION\AppData\LocalLow\vShare

Folder Found C:\Users\QMOTION\AppData\LocalLow\WiseConvert

Folder Found C:\Users\QMOTION\AppData\Roaming\Babylon

Folder Found C:\Users\QMOTION\AppData\Roaming\eType

Folder Found C:\Users\QMOTION\AppData\Roaming\ExpressFiles

Folder Found C:\Users\QMOTION\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com

Folder Found C:\Users\QMOTION\AppData\Roaming\WebCake

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload

Key Found : HKCU\Software\APN DTX

Key Found : HKCU\Software\AppDataLow\Software\Conduit

Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Found : HKCU\Software\AppDataLow\Software\Crossrider

Key Found : HKCU\Software\AppDataLow\Software\I Want This

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\AppDataLow\Software\WiseConvert

Key Found : HKCU\Software\AppDataLow\Toolbar

Key Found : HKCU\Software\DataMngr

Key Found : HKCU\Software\DealPly

Key Found : HKCU\Software\DSNR Labs

Key Found : HKCU\Software\ExpressFiles

Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Key Found : HKCU\Software\ilivid

Key Found : HKCU\Software\ilividmoviestoolbardla

Key Found : HKCU\Software\IM

Key Found : HKCU\Software\ImInstaller

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\I Want This

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilividmoviestoolbardlaIE

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\LayoutsExpress

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\vShare

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WiseConvert Toolbar

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

Key Found : HKCU\Software\Minibar

Key Found : HKCU\Software\Softonic

Key Found : HKCU\Software\vShare

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : HKLM\Software\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL

Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{D6598005-A921-4F83-B6E6-F4F030D1BF37}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject

Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1

Key Found : HKLM\SOFTWARE\Classes\Interface\{0F6ECBD3-98B1-4044-8520-69407A70C83C}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}

Key Found : HKLM\SOFTWARE\Classes\Interface\{8A41F062-A222-4322-A8C4-26218BE869B9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C0207057-3461-4F7F-B689-D016B7A03964}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C6A61AAE-D30B-4E7A-A3D8-8A34E5BA3414}

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4F9AD2F2-3A64-470E-93F7-A03423E52ACA}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A7C2FCDD-0359-49DD-8339-BE2A5BD60918}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}

Key Found : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol

Key Found : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol.1

Key Found : HKLM\SOFTWARE\Classes\vShare.PugiObj

Key Found : HKLM\SOFTWARE\Classes\vShare.PugiObj.1

Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers

Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\DataMngr

Key Found : HKLM\Software\DealPly

Key Found : HKLM\Software\ExpressFiles

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F698BB0-6240-42F8-97EC-BAFE3D73EAAD}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9249228F-AF2D-40A4-BE28-9A7E99CC316D}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Dealply

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\DealPlyUpdate

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Dealply

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\DealPlyUpdate

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaIE

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LayoutsExpress

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vShare

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar

Key Found : HKLM\Software\Minibar

Key Found : HKLM\Software\Tarma Installer

Key Found : HKLM\Software\Web Assistant

Key Found : HKLM\Software\WiseConvert

Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{043C5167-00BB-4324-AF7E-62013FAEDACF}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]

Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]

Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502

-\\ Mozilla Firefox v

[ File : C:\Users\QMOTION\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]

-\\ Google Chrome v28.0.1500.95

[ File : C:\Users\QMOTION\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage

Found : urls_to_restore_on_startup

Found : homepage

Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [13241 octets] - [20/08/2013 19:03:59]

AdwCleaner[R1].txt - [13096 octets] - [20/08/2013 19:14:01]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [13157 octets] ##########

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.