Mededeling

Collapse
No announcement yet.

computer erg traag. ook rare start pagina

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • computer erg traag. ook rare start pagina

    mbam

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.09.12.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    bor :: TANTEGAB [administrator]

    12-9-2013 18:05:21
    mbam-log-2013-09-12 (18-05-21).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 213552
    Verstreken tijd: 12 minuut/minuten, 52 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 13
    HKCR\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\esrv.BabylonESrvc.1 (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\esrv.BabylonESrvc (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\b (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Typelib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 1
    C:\Users\bor\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 3
    C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll (PUP.Optional.BabylonToolBar.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\bor\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

    DDS

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.10.2
    Run by bor at 18:47:23 on 2013-09-12
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.2039.651 [GMT 2:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
    C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bor\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.nl/
    uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    mWinlogon: Userinit = userinit.exe,
    BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Google Update] "C:\Users\bor\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\bor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {DA58ACA7-18A6-403A-93DA-6E4172D43709} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 212.54.40.25 212.54.35.25
    TCP: Interfaces\{BB75D2E8-D274-4CC1-A707-2BE0539070AE} : DHCPNameServer = 212.54.40.25 212.54.35.25
    TCP: Interfaces\{BB75D2E8-D274-4CC1-A707-2BE0539070AE}\847463535344D2833353643444 : DHCPNameServer = 192.168.1.1 192.168.1.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
    x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
    x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-12-6 45856]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-6 711112]
    R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-9-1 1643184]
    R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2012-8-30 1109296]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
    R3 netw5v64;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter voor 64-bits Windows Vista;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-5 59392]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-8 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-09-12 16:04:32 -------- dc----w- C:\Users\bor\AppData\Roaming\Malwarebytes
    2013-09-12 16:04:12 -------- dc----w- C:\ProgramData\Malwarebytes
    2013-09-12 16:04:08 25928 -c--a-w- C:\Windows\System32\drivers\mbam.sys
    2013-09-12 16:04:08 -------- dc----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-09-12 16:03:45 -------- dc----w- C:\Users\bor\AppData\Local\Programs
    2013-09-12 15:37:39 -------- dc----w- C:\Program Files\CCleaner
    2013-09-10 16:14:10 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-09-10 16:14:09 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-09-10 16:14:04 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-09-10 16:14:03 1643520 ----a-w- C:\Windows\System32\DWrite.dll
    2013-09-02 18:36:15 -------- dc----w- C:\foto's
    2013-09-02 18:30:30 -------- dc----w- C:\Windows\System32\appmgmt
    2013-09-01 15:10:59 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
    2013-09-01 14:55:37 -------- dc----w- C:\Windows\System32\MRT
    2013-09-01 12:10:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
    2013-09-01 12:10:19 224256 ----a-w- C:\Windows\System32\wintrust.dll
    2013-09-01 12:10:19 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2013-09-01 12:10:19 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-09-01 12:10:16 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-09-01 12:10:16 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-09-01 12:10:16 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-09-01 12:10:16 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    .
    ==================== Find3M ====================
    .
    2013-09-10 16:33:13 71048 -c--a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-09-10 16:33:13 692616 -c--a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-09-01 15:10:59 1175552 ----a-w- C:\Windows\System32\FntCache.dll
    2013-09-01 11:43:41 45856 -c--a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-25 03:37:25 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-07-25 03:30:49 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-07-25 03:29:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-07-25 03:28:46 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-07-25 03:28:31 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-07-25 03:27:20 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-07-25 02:32:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-07-25 02:26:10 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-07-25 02:25:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-07-25 02:23:59 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-07-25 02:23:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-07-25 02:22:35 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
    2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
    2012-12-05 16:29:41 4096000 -c--a-w- C:\Program Files (x86)\GUTFE0E.tmp
    .
    ============= FINISH: 18:49:11,04 ===============

    Gmer

    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-09-12 19:05:03
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 Hitachi_HTS541680J9SA00 rev.SB2OC7BP 74,53GB
    Running: 2eebwsj1.exe; Driver: C:\Users\bor\AppData\Local\Temp\uwliipow.sys


    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077b21465 2 bytes [B2, 77]
    .text C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077b214bb 2 bytes [B2, 77]
    .text ... * 2
    .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077b21465 2 bytes [B2, 77]
    .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[2528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077b214bb 2 bytes [B2, 77]
    .text ... * 2
    .text C:\Program Files (x86)\AVG\AVG2012\avgtray.exe[2652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077b21465 2 bytes [B2, 77]
    .text C:\Program Files (x86)\AVG\AVG2012\avgtray.exe[2652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077b214bb 2 bytes [B2, 77]
    .text ... * 2
    .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2716] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000077b21465 2 bytes [B2, 77]
    .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2716] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000077b214bb 2 bytes [B2, 77]
    .text ... * 2
    .text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[2080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077b21465 2 bytes [B2, 77]
    .text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[2080] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077b214bb 2 bytes [B2, 77]
    .text ... * 2

    ---- Threads - GMER 2.1 ----

    Thread [344:352] 000007feffa56e50
    Thread [344:364] 000007feff9b4d00
    Thread [344:376] 000007feff8d3b90
    Thread [344:380] 000007feff8d3b90
    Thread [344:396] 000007feff8d3b90
    Thread [344:412] 000007feff8d3b90
    Thread [344:424] 000007feff8d3b90
    Thread [344:456] 000007feff8d3b90
    Thread [344:468] 000007feff8d3b90
    Thread [344:480] 000007feff8d3b90
    Thread [344:492] 000007feff8d3b90
    Thread [344:504] 000007feff8d3b90
    Thread [344:4084] 000007feff9b4d00
    Thread [344:4088] 000007feff9b4d00
    Thread [344:4092] 000007feff9b4d00
    Thread [344:2420] 000007feff9b4d00
    Thread [344:2380] 000007feff9b4d00
    Thread [344:2356] 000007feff9b4d00
    Thread [344:3088] 000007feff9b4d00
    Thread [344:2632] 000007feff9b4d00
    Thread [344:2424] 000007feff9b4d00
    Thread [344:2696] 000007feff9b4d00

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001a6bedc440
    Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\[email protected] 517
    Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BB75D2E8-D274-4CC1-A707-2BE0539070AE}@LeaseObtainedTime 1379005125
    Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BB75D2E8-D274-4CC1-A707-2BE0539070AE}@T1 1379006925
    Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BB75D2E8-D274-4CC1-A707-2BE0539070AE}@T2 1379008275
    Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BB75D2E8-D274-4CC1-A707-2BE0539070AE}@LeaseTerminatesTime 1379008725
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001a6bedc440 (not active ControlSet)

    ---- EOF - GMER 2.1 ----

  • #2
    Download Zoek.zip naar het bureaublad.
    1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
    2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

    • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
      Code:
      emptyclsid;
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults; 
      filesrcm;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.
    Last edited by Juisterr; 12-09-13, 19:26.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      hierbij het logje als bijlage:
      Bijgevoegde Bestanden

      Comment


      • #4
        Vertel eens hoe het nu gaat ?

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          hoi

          gaat stukken beter geloof ik,
          hij hapert niet echt meer.

          dankjewel

          Comment


          • #6
            Download AdwCleaner by Xplode naar het bureaublad.
            • Sluit alle openstaande vensters.
            • Dubbelklik op AdwCleaner om hem te starten.
            • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
            • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
            • Klik vervolgens op Scan.
            • Klik vervolgens op Clean als er items zijn gevonden.
            • Klik bij Herstarten Noodzakelijk op OK


            Nadat de PC opnieuw is opgestart, opent meestal een logfile.
            Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.
            Post aansluitend de inhoud van dit log in je volgende bericht.





            Download Delfix by Xplode naar het bureaublad.

            Dubbelklik op Delfix.exe om de tool te starten.
            Zet nu vinkjes voor de volgende items:
            • Activate UAC
            • Remove disinfection tools
            • Create registry backup
            • Purge System Restore
            • Reset system settings

            Klik nu op "Run" en wacht geduldig tot de tool gereed is.
            Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              # AdwCleaner v3.004 - Report created 15/09/2013 at 12:13:52
              # Updated 15/09/2013 by Xplode
              # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
              # Username : bor - TANTEGAB
              # Running from : C:\Users\bor\Downloads\adwcleaner.exe
              # Option : Scan

              ***** [ Services ] *****


              ***** [ Files / Folders ] *****

              Folder Found : C:\Users\bor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
              Folder Found : C:\Users\bor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
              Folder Found C:\Program Files (x86)\AVG Secure Search
              Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
              Folder Found C:\ProgramData\AVG Secure Search
              Folder Found C:\Users\bor\AppData\Local\AVG Secure Search
              Folder Found C:\Users\bor\AppData\LocalLow\AVG Secure Search

              ***** [ Shortcuts ] *****


              ***** [ Registry ] *****

              Key Found : HKCU\Software\APN
              Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
              Key Found : HKCU\Software\AppDataLow\Software\Conduit
              Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
              Key Found : HKCU\Software\AppDataLow\Software\PriceGong
              Key Found : HKCU\Software\AppDataLow\Software\SmartBar
              Key Found : HKCU\Software\Ask.com
              Key Found : HKCU\Software\AVG Secure Search
              Key Found : HKCU\Software\Conduit
              Key Found : HKCU\Software\IGearSettings
              Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
              Key Found : [x64] HKCU\Software\APN
              Key Found : [x64] HKCU\Software\Ask.com
              Key Found : [x64] HKCU\Software\AVG Secure Search
              Key Found : [x64] HKCU\Software\Conduit
              Key Found : [x64] HKCU\Software\IGearSettings
              Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Found : HKLM\Software\APN
              Key Found : HKLM\Software\AskToolbar
              Key Found : HKLM\Software\AVG Secure Search
              Key Found : HKLM\Software\AVG Security Toolbar
              Key Found : HKLM\Software\Babylon
              Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
              Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
              Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
              Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
              Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
              Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
              Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
              Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
              Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
              Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
              Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
              Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
              Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
              Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
              Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
              Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
              Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
              Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
              Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
              Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
              Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
              Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
              Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
              Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
              Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
              Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
              Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
              Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
              Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
              Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
              Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
              Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
              Key Found : HKLM\SOFTWARE\Classes\Prod.cap
              Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
              Key Found : HKLM\SOFTWARE\Classes\S
              Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
              Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
              Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
              Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
              Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
              Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
              Key Found : HKLM\Software\Conduit
              Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
              Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
              Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
              Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
              Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
              Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
              Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
              Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
              Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
              Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
              Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
              Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
              Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
              Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

              ***** [ Browsers ] *****

              -\\ Internet Explorer v9.0.8112.16506


              -\\ Google Chrome v

              [ File : C:\Users\bor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


              *************************

              AdwCleaner[R0].txt - [11219 octets] - [15/09/2013 12:13:52]

              ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11280 octets] ##########



              # AdwCleaner v3.004 - Report created 15/09/2013 at 12:14:41
              # Updated 15/09/2013 by Xplode
              # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
              # Username : bor - TANTEGAB
              # Running from : C:\Users\bor\Downloads\adwcleaner.exe
              # Option : Clean

              ***** [ Services ] *****


              ***** [ Files / Folders ] *****

              Folder Deleted : C:\ProgramData\AVG Secure Search
              Folder Deleted : C:\Program Files (x86)\AVG Secure Search
              Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
              Folder Deleted : C:\Users\bor\AppData\Local\AVG Secure Search
              Folder Deleted : C:\Users\bor\AppData\LocalLow\AVG Secure Search
              Folder Deleted : C:\Users\bor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
              Folder Deleted : C:\Users\bor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

              ***** [ Shortcuts ] *****


              ***** [ Registry ] *****

              Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
              Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
              Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
              Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
              Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
              Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
              Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
              Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
              Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
              Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
              Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
              Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
              Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
              Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
              Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
              Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
              Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
              Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
              Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
              Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
              Key Deleted : HKLM\SOFTWARE\Classes\S
              Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
              Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
              Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
              Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
              Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
              Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
              Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
              Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
              Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
              Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
              Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
              Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
              Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
              Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
              Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
              Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
              Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
              Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Key Deleted : HKCU\Software\APN
              Key Deleted : HKCU\Software\Ask.com
              Key Deleted : HKCU\Software\AVG Secure Search
              Key Deleted : HKCU\Software\Conduit
              Key Deleted : HKCU\Software\IGearSettings
              Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
              Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
              Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
              Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
              Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
              Key Deleted : HKLM\Software\APN
              Key Deleted : HKLM\Software\AskToolbar
              Key Deleted : HKLM\Software\AVG Secure Search
              Key Deleted : HKLM\Software\AVG Security Toolbar
              Key Deleted : HKLM\Software\Babylon
              Key Deleted : HKLM\Software\Conduit
              Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
              Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar

              ***** [ Browsers ] *****

              -\\ Internet Explorer v9.0.8112.16506


              -\\ Google Chrome v

              [ File : C:\Users\bor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


              *************************

              AdwCleaner[R0].txt - [11397 octets] - [15/09/2013 12:13:52]
              AdwCleaner[S0].txt - [11255 octets] - [15/09/2013 12:14:41]

              ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11316 octets] ##########

              Comment


              • #8
                Het gaat vast al beter nu?

                Windows 10 opstarten in Veilige Modus

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X