Hallo

Welkom, Gast. Alsjeblieft inloggen of registreren.

Recent

350 gasten, 0 leden

Welkom, Gast. Alsjeblieft inloggen of registreren.

29 maart 2024, 15:35:28

Login met gebruikersnaam, wachtwoord en sessielengte

Nieuws

Welkom op het vernieuwde NL Computer Forum!

Auteur Topic: continue pop-up beveiliging melding  (gelezen 20723 keer)

0 leden en 1 gast bekijken dit topic.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #15 Gepost op: 11 juni 2013, 00:00:17 »
OTL Extras logfile created on: 10-6-2013 21:34:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Alissa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
 
3,80 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 65,40% Memory free
7,61 Gb Paging File | 5,91 Gb Available in Paging File | 77,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 170,01 Gb Free Space | 37,70% Space Free | Partition Type: NTFS
 
Computer Name: ALISSA-PC | User Name: Alissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2377495357-3556135038-2084699557-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EC49FE5E-94E9-442E-A0AB-1954905B49A5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0646E7CD-1568-436B-AACB-BC187FEFC56D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{11B51EA1-53DD-4AF4-8D2F-E1B2E7EE2589}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{11C6A6B5-0D01-47F2-AA29-7D4983956C54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{15443025-10F0-4594-A7F1-C22301B7B973}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{1F84E327-4D03-4655-8096-8F0ADEC80055}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{1FED4922-2921-42C5-91DD-24D0C787E594}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{392ECA58-306A-42FA-8E31-CBA74479AF5D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D176969-BB23-44FD-8DD6-850D491DBFA3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{43029389-6B4A-4243-ADCD-01591C785560}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{4BAD72B1-932F-4E3E-AE7B-F6767A8A3C0A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{4D8A6BBA-E397-45FF-BD53-D5AD40AD6CE2}" = dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{8194BBDB-5D7C-46C0-AD47-17906729C77E}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{870F3A2E-1730-4838-B966-4024E8A73B71}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{B9605D1B-72DD-4CB6-9CF9-F4FB23EA2BA5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E07B7763-64DA-44F3-8AC4-40937ACA60B2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FC671EF2-4E8C-4C0E-A0DA-379205F0A71B}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2BEEFC95-A6FD-4B73-A998-EEDFF00DDE63}" = EasylifeGadget
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{44C6BB22-7E25-4A6D-8851-6FB26407D9C1}" = HP Deskjet 1050 J410 series Productverbeteringsonderzoek
"{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2007
"{ACE9FB2A-31A5-4285-9510-43F1636EAB21}" = EasyLife Gadget
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA37D2E8-0A8B-46D2-A74A-310F935DE920}" = HP Deskjet 1050 J410 series Basissoftware van het apparaat
"8461-7759-5462-8226" = Vuze
"EasylifeGadget Updater" =
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #16 Gepost op: 11 juni 2013, 00:00:39 »
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F9224B1-9331-4D56-A21B-6D4747F6ACB4}" = iRip
"{3CF4CE35-9FD5-40F1-9A8C-4E2D448132DF}" = SearchMe Toolbar v7.1
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{56CCBC54-8CEE-479F-9302-E0651BCBA13D}" = Nancy Drew: Tomb of the Lost Queen
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Haelp
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65135558-F1AE-4B9B-8C0B-180730ACA261}" = Garmin Express
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{876AB032-B2A4-41FF-AF87-DBC78454C1B0}" = Garmin Update Service
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0413-1000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93765DFA-8A67-41FB-9FC0-B12341CA65F3}" = Elevated Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Nederlands
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C233BCC3-29C4-49C0-B955-0A94509FC4FC}" = Garmin Express Tray
"{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" = SearchNewTab
"{CC7341D8-5CBC-4A2B-8442-6846027A7A79}" = Nancy Drew: The Deadly Device
"{D6A0DD73-6EF2-9A8D-6F60-4F338F922B37}" = BBC iPlayer Desktop
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}" = Garmin Express
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"BFGC" = Big Fish Games: Game Manager
"BFG-Fear For Sale - Nightmare Cinema" = Fear For Sale: Nightmare Cinema
"BFG-Nancy Drew - Alibi in Ashes" = Nancy Drew: Alibi in Ashes
"BFG-Vampire Legends - The True Story of Kisilova" = Vampire Legends: The True Story of Kisilova
"BFG-World Mosaics 6" = World Mosaics 6
"HP Photo Creations" = HP Photo Creations
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.75.0.1300
"Mozilla Firefox 21.0 (x86 nl)" = Mozilla Firefox 21.0 (x86 nl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROHYBRIDR" = 2007 Microsoft Office system
"Raptr" = Raptr
"SP_d33a5824" = EasyLife Search 1.74
"VLC media player" = VLC media player 2.0.6
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 4.0.6
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2377495357-3556135038-2084699557-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"CopyTrans Suite" = CopyTrans Suite Alleen Verwijderen
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26-5-2013 1:16:09 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16709923
 
Error - 26-5-2013 1:16:10 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26-5-2013 1:16:10 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16710921
 
Error - 26-5-2013 1:16:10 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16710921
 
Error - 26-5-2013 1:16:11 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26-5-2013 1:16:11 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16711935
 
Error - 26-5-2013 1:16:11 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16711935
 
Error - 26-5-2013 1:16:12 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26-5-2013 1:16:12 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16712934
 
Error - 26-5-2013 1:16:12 | Computer Name = Alissa-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16712934
 
[ System Events ]
Error - 10-6-2013 16:03:39 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:03:39 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:03:39 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:03:39 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:03:39 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:36:21 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:36:21 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:36:21 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:36:21 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
Error - 10-6-2013 16:36:21 | Computer Name = Alissa-PC | Source = atapi | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.
 
 
< End of report >

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #17 Gepost op: 11 juni 2013, 00:20:24 »
Ok, prima.
Hier kunnen we wat mee :).

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #18 Gepost op: 11 juni 2013, 00:22:01 »
nou ik kan er nog steeds niets mee...;)

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #19 Gepost op: 11 juni 2013, 00:26:13 »
Even geduld, Het uitpluizen neemt wat tijd in beslag.
Eerst maar eens slapen, welterusten alvast.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #20 Gepost op: 11 juni 2013, 00:35:23 »
geen probleem! alvast bedankt!

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #21 Gepost op: 11 juni 2013, 19:11:45 »
Hoi Alissa,

Doe nu het volgende:

Stap 1:
De-installeer via Configuratiescherm - Programma's en onderdelen, indien aanwezig:
(Lukt de-installeren van een item niet, ga dan verder met het volgende item.)
    EasylifeGadget
    EasyLife Gadget
    EasyLife Search 1.74
    SearchMe Toolbar v7.1
    SearchNewTab
    TornTV
Herstart je computer.

Stap 2:
Start OTL opnieuw.
Plak in het veld Custom Scans/Fixes het volgende:
:OTL
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/?pid=388&src=ie1&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = http://searchy.easylifeapp.com/?q={searchTerms}&pid=388&src=ie2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/?pid=388&src=ie1&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes,DefaultScope = {01bd49d7-c76b-4310-8beb-14d7e5f322c6}
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = http://searchy.easylifeapp.com/?q={searchTerms}&pid=388&src=ie2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes\{D859E822-3CD6-4658-84FD-C3A37832F8F9}: "URL" = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}

FF - prefs.js..browser.search.defaultenginename: "EasyLife"
FF - prefs.js..browser.search.defaultenginename,S: S", "EasyLife"
FF - prefs.js..browser.search.defaulturl: "http://searchy.easylifeapp.com/?pid=388&src=ff2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB&l=1&q="
FF - prefs.js..browser.search.order.1: "EasyLife"
FF - prefs.js..browser.search.order.1,S: S", "EasyLife"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596"
FF - prefs.js..browser.search.selectedEngine: "EasyLife"
FF - prefs.js..browser.search.selectedEngine,S: S", "EasyLife"
FF - prefs.js..keyword.URL: "http://searchy.easylifeapp.com/?pid=388&src=ff2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB&l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found

[2013-06-10 21:02:02 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\Alissa\AppData\Roaming\mozilla\Firefox\Profiles\i31ypmfx.default\extensions\qzsk@eyeu.net
[2013-01-14 20:45:59 | 000,005,482 | ---- | M] () (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\50f46537907fe@50f4653790837.com.xpi
[2013-02-19 15:43:35 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\torntv@torntv.com.xpi
[2013-06-10 21:01:55 | 000,000,583 | ---- | M] () -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\searchplugins\EasyLife.xml
CHR - Extension: SearchNewTab = C:\Users\Alissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehbccjhjmoijijclangcijnfclbjhge\1\
O2 - BHO: (SearchNewTab) - {D65B654A-A2D3-D974-D83C-F3B55460911A} - C:\ProgramData\SearchNewTab\51b6311fb505a.dll ()
O4 - HKLM..\Run: []  File not found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~2\easylife\sprote~1.dll) - c:\Program Files (x86)\EasyLife\sprotector.dll ()

:Reg

:Files
[2013-06-10 21:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013-06-10 21:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft
[2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab
[2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
[2013-06-10 21:01:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyLife

@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:8BAD6F90
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:97CA3B9E
@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:E33C786A
@Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:C5AE4E07
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:6EFFF8B9
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:98CF1A39
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:0FAE191E
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:8866C899
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:7D938C9B
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2339C9FD
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:FD4C7AD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:EF0BD3A1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:AD179392
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:09629F6E
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:BF6C4AAC
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:036AA5DD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5C42F64A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0B278A1A
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:BB99F46B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B504E4C2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:01F9D1B4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:94B25DF5
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:8B480195
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3D1D487A
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4A5CFD3B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:48D6EA0F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:02172F27
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E94FA418
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B21F2857
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5A068EE1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C00C7190
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CB3667AF
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:59A6876B
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:234E9CC5
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:0CEE6109
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:F3A185AE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8F6B75BF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:460638C7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E517FE76
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:48BCFDB6
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:1CF1FB36
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP434342F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:3241739E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CCD8056E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:709E81D4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:04BC9A2C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:9524D821
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7EB93F0E

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[createrestorepoint]
[reboot]

Klik op Run Fix.
Wacht tot OTL klaar is met fixen en herstart de computer als daarom gevraagd wordt.
Bewaar de log die verschijnt.
Kopieer en plak de inhoud in een nieuw bericht.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #22 Gepost op: 11 juni 2013, 23:49:58 »
Cool!
Alles gedaan wat je zei, (het duurde wel even) alles behalve TornTV heb ik van pc gehaald aangezien die niet tussen het lijstje stond.

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2377495357-3556135038-2084699557-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2377495357-3556135038-2084699557-1000\Software\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}\ not found.
Registry key HKEY_USERS\S-1-5-21-2377495357-3556135038-2084699557-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D859E822-3CD6-4658-84FD-C3A37832F8F9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D859E822-3CD6-4658-84FD-C3A37832F8F9}\ not found.
Prefs.js: "EasyLife" removed from browser.search.defaultenginename
Prefs.js: S", "EasyLife" removed from browser.search.defaultenginename,S
Prefs.js: "http://searchy.easylifeapp.com/?pid=388&src=ff2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB&l=1&q=" removed from browser.search.defaulturl
Prefs.js: "EasyLife" removed from browser.search.order.1
Prefs.js: S", "EasyLife" removed from browser.search.order.1,S
Prefs.js: "chr-greentree_ff&ilc=12&type=888596" removed from browser.search.param.yahoo-fr
Prefs.js: "EasyLife" removed from browser.search.selectedEngine
Prefs.js: S", "EasyLife" removed from browser.search.selectedEngine,S
Prefs.js: "http://searchy.easylifeapp.com/?pid=388&src=ff2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB&l=1&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "" removed from browser.startup.homepage
Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL
C:\Users\Alissa\AppData\Roaming\mozilla\Firefox\Profiles\i31ypmfx.default\extensions\qzsk@eyeu.net\content folder moved successfully.
C:\Users\Alissa\AppData\Roaming\mozilla\Firefox\Profiles\i31ypmfx.default\extensions\qzsk@eyeu.net folder moved successfully.
C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\50f46537907fe@50f4653790837.com.xpi moved successfully.
C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\torntv@torntv.com.xpi moved successfully.
C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\searchplugins\EasyLife.xml moved successfully.
C:\Users\Alissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehbccjhjmoijijclangcijnfclbjhge\1 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D65B654A-A2D3-D974-D83C-F3B55460911A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D65B654A-A2D3-D974-D83C-F3B55460911A}\ not found.
C:\ProgramData\SearchNewTab\51b6311fb505a.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\easylife\sprote~1.dll deleted successfully.
File c:\Program Files (x86)\EasyLife\sprotector.dll not found.
========== REGISTRY ==========
========== FILES ==========
File\Folder [2013-06-10 21:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp not found.
File\Folder [2013-06-10 21:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft not found.
File\Folder [2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab not found.
File\Folder [2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab not found.
File\Folder [2013-06-10 21:01:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyLife not found.
ADS C:\ProgramData\TEMP:8BAD6F90 deleted successfully.
ADS C:\ProgramData\TEMP:97CA3B9E deleted successfully.
ADS C:\ProgramData\TEMP:E33C786A deleted successfully.
ADS C:\ProgramData\TEMP:C5AE4E07 deleted successfully.
ADS C:\ProgramData\TEMP:6EFFF8B9 deleted successfully.
ADS C:\ProgramData\TEMP:98CF1A39 deleted successfully.
ADS C:\ProgramData\TEMP:0FAE191E deleted successfully.
ADS C:\ProgramData\TEMP:8866C899 deleted successfully.
ADS C:\ProgramData\TEMP:7D938C9B deleted successfully.
ADS C:\ProgramData\TEMP:2339C9FD deleted successfully.
ADS C:\ProgramData\TEMP:FD4C7AD3 deleted successfully.
ADS C:\ProgramData\TEMP:EF0BD3A1 deleted successfully.
ADS C:\ProgramData\TEMP:AD179392 deleted successfully.
ADS C:\ProgramData\TEMP:09629F6E deleted successfully.
ADS C:\ProgramData\TEMP:BF6C4AAC deleted successfully.
ADS C:\ProgramData\TEMP:036AA5DD deleted successfully.
ADS C:\ProgramData\TEMP:5C42F64A deleted successfully.
ADS C:\ProgramData\TEMP:0B278A1A deleted successfully.
ADS C:\ProgramData\TEMP:BB99F46B deleted successfully.
ADS C:\ProgramData\TEMP:B504E4C2 deleted successfully.
ADS C:\ProgramData\TEMP:01F9D1B4 deleted successfully.
ADS C:\ProgramData\TEMP:94B25DF5 deleted successfully.
ADS C:\ProgramData\TEMP:8B480195 deleted successfully.
ADS C:\ProgramData\TEMP:3D1D487A deleted successfully.
ADS C:\ProgramData\TEMP:4A5CFD3B deleted successfully.
ADS C:\ProgramData\TEMP:48D6EA0F deleted successfully.
ADS C:\ProgramData\TEMP:02172F27 deleted successfully.
ADS C:\ProgramData\TEMP:E94FA418 deleted successfully.
ADS C:\ProgramData\TEMP:B21F2857 deleted successfully.
ADS C:\ProgramData\TEMP:5A068EE1 deleted successfully.
ADS C:\ProgramData\TEMP:C00C7190 deleted successfully.
ADS C:\ProgramData\TEMP:CB3667AF deleted successfully.
ADS C:\ProgramData\TEMP:59A6876B deleted successfully.
ADS C:\ProgramData\TEMP:234E9CC5 deleted successfully.
ADS C:\ProgramData\TEMP:0CEE6109 deleted successfully.
ADS C:\ProgramData\TEMP:F3A185AE deleted successfully.
ADS C:\ProgramData\TEMP:8F6B75BF deleted successfully.
ADS C:\ProgramData\TEMP:460638C7 deleted successfully.
ADS C:\ProgramData\TEMP:E517FE76 deleted successfully.
ADS C:\ProgramData\TEMP:48BCFDB6 deleted successfully.
ADS C:\ProgramData\TEMP:1CF1FB36 deleted successfully.
Unable to delete ADS C:\ProgramData\TEMP434342F .
ADS C:\ProgramData\TEMP:3241739E deleted successfully.
ADS C:\ProgramData\TEMP:CCD8056E deleted successfully.
ADS C:\ProgramData\TEMP:709E81D4 deleted successfully.
ADS C:\ProgramData\TEMP:04BC9A2C deleted successfully.
ADS C:\ProgramData\TEMP:9524D821 deleted successfully.
ADS C:\ProgramData\TEMP:7EB93F0E deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Alissa
->Temp folder emptied: 5310343230 bytes
->Temporary Internet Files folder emptied: 385222271 bytes
->FireFox cache emptied: 20022161 bytes
->Flash cache emptied: 152843 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 187139833 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78134 bytes
RecycleBin emptied: 24326827284 bytes
 
Total Files Cleaned = 28.829,00 mb
 
 
[EMPTYJAVA]
 
User: Alissa
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
Total Java Files Cleaned = 0,00 mb
 
 
[EMPTYFLASH]
 
User: Alissa
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 06112013_220243

Files\Folders moved on Reboot...
C:\Users\Alissa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Alissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDGO3NKB\get[1].htm scheduled to be moved on reboot.
File move failed. C:\Users\Alissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDGO3NKB\index[1].htm scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #23 Gepost op: 12 juni 2013, 00:14:10 »
Hoi Alissa,

Dat ruimt al lekker op.
TornTV, een dubieuze toolbar, is ook verwijdert.

Probeer of je nu Zoek.exe kan starten:
Download zoek.exe naar het bureaublad.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Windows XP gebruikers: Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers: Rechtsklik op Zoek.exe en klik op Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
standardsearch;
installedprogs;
silentrunners;
autoclean;
  • Klik nu op de knop "Run Script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Kopieer en plak de inhoud van het geopende logje in je volgend bericht.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #24 Gepost op: 12 juni 2013, 00:41:45 »
Ook dat werkte probleemloos, top!


Zoek.exe Version 4.0.0.2 Updated 03-June-2013
Tool run by Alissa on di 11-06-2013 at 23:17:26,22.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

2007 Microsoft Office system 
Adobe AIR 
Adobe Flash Player 11 Plugin 
Adobe Reader XI (11.0.03) - Nederlands 
Apple Application Support 
Apple Mobile Device Support 
Apple Software Update 
Avira Free Antivirus 
BBC iPlayer Desktop 
Big Fish Games: Game Manager 
Bonjour 
CopyTrans Suite Alleen Verwijderen 
Dell Resource CD 
Dell System Detect 
Elevated Installer 
Fear For Sale: Nightmare Cinema 
Garmin Express 
Garmin Express Tray 
Garmin Update Service 
HP Deskjet 1050 J410 series Basissoftware van het apparaat 
HP Deskjet 1050 J410 series Haelp 
HP Deskjet 1050 J410 series Productverbeteringsonderzoek 
HP Photo Creations 
HP Update 
HPDiagnosticAlert 
IDT Audio 
iTunes 
Malwarebytes Anti-Malware versie 1.75.0.1300 
Microsoft .NET Framework 4 Client Profile 
Microsoft .NET Framework 4 Client Profile NLD Language Pack 
Microsoft Office 2007 Service Pack 3 (SP3) 
Microsoft Office Access MUI (Dutch) 2007 
Microsoft Office Excel MUI (Dutch) 2007 
Microsoft Office File Validation Add-In 
Microsoft Office Office 64-bit Components 2007 
Microsoft Office Outlook MUI (Dutch) 2007 
Microsoft Office PowerPoint MUI (Dutch) 2007 
Microsoft Office Professional Hybrid 2007 
Microsoft Office Proof (Dutch) 2007 
Microsoft Office Proof (English) 2007 
Microsoft Office Proof (French) 2007 
Microsoft Office Proof (German) 2007 
Microsoft Office Proofing (Dutch) 2007 
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) 
Microsoft Office Publisher MUI (Dutch) 2007 
Microsoft Office Shared 64-bit MUI (Dutch) 2007 
Microsoft Office Shared MUI (Dutch) 2007 
Microsoft Office Word MUI (Dutch) 2007 
Microsoft Silverlight 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 
Mozilla Firefox 21.0 (x86 nl) 
Mozilla Maintenance Service 
Nancy Drew: Alibi in Ashes 
Nancy Drew: The Deadly Device 
Nancy Drew: Tomb of the Lost Queen 
NVIDIA PhysX 
QuickTime 
Raptr 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) 
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition  
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition  
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition 
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition  
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition  
Skype Click to Call 
SkypeT 6.3 
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD 
Update for 2007 Microsoft Office System (KB967642) 
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) 
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) 
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) 
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition 
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition 
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition 
Update voor Microsoft Office Excel 2007 Help (KB963678) 
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) 
Update voor Microsoft Office Word 2007 Help (KB963665) 
Vampire Legends: The True Story of Kisilova 
VLC media player 2.0.6 
Vuze 
Windows 7 Codec Pack 4.0.6 
World Mosaics 6 

==== Running Processes ======================

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Windows\SysWOW64\C2MP\TrayMenu.exe
C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Alissa\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== FireFox Fix ======================

ProfilePath: C:\Users\Alissa\AppData\Roaming\Mozilla\Firefox\Profiles\i31ypmfx.default

user.js not found
---- Lines qzsk@eyeu.net removed from prefs.js ----


---- Lines qzsk@eyeu.net modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_11-06-2013_2321_.backup

==== Deleting Files \ Folders ======================

"C:\ProgramData\SearchNewTab" deleted
"C:\Program Files (x86)\EasyLife" deleted
"C:\ProgramData\StarApp" deleted
"C:\ProgramData\SearchNewTab" deleted
"C:\ProgramData\InstallMate" deleted

==== System Specs ======================

Windows: Windows XP Home Edition Service Pack 2 (Build 2600)
Memory (RAM): 3895 MB
CPU Info: Intel(R) Pentium(R) CPU        P6000  @ 1.87GHz
CPU Speed: 1854,4 MHz
Sound Card: Luidsprekers / Koptelefoon (IDT |
Onafhankelijk (R.T.C.) koptelef |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: DW1501 Wireless-N WLAN Half-Mini Card
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD+-RW UJ890
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Mouse Present
Hard Disks: C:  451,0GB
Hard Disks - Free: C:  197,9GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 01/09/10 | DELL   - 1072009
Time Zone: GMT (standaardtijd)
Motherboard *: Dell Inc. 0XRYW2
Internet Explorer Version: 10.0.9200.16576
Sun Java version: No Java Installed?
Country: Nederland
Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-06-02 20:41:20    0454F4A88EBBC0DE3C99E3ECBEFFD4EE    323988861    ----a-w-    C:\Windows\MEMORY.DMP
====== C:\Users\Alissa\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2013-05-29 19:58:42    60FEE6F524865950EF0A40D49F969320    178688    ----a-w-    C:\Windows\SysWOW64\unrar.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-05-29 19:32:40    BA94B32024178DB58A20AA005E1BB82D    524288    ----a-w-    C:\Windows\Sysnative\ctapo32.dll
2013-05-29 19:32:40    B4F1BFD9165FDD72C03B7D9C20A39F71    601088    ----a-w-    C:\Windows\Sysnative\ctapo64.dll
2013-05-29 19:32:39    E571EABD1753F1A1474C1EA8C2AD0B36    442368    ----a-w-    C:\Windows\Sysnative\AESTEC64.dll
2013-05-29 19:32:39    C469893743E18BA547DB3C7ED98B32F5    68608    ----a-w-    C:\Windows\Sysnative\AESTAR64.dll
2013-05-29 19:32:39    8578CD6C0C1BCE8FD6C26F16F1404920    162304    ----a-w-    C:\Windows\Sysnative\AESTAC64.dll
2013-05-29 19:32:38    C9E8C68135CA9D8453C9D64899CBFBDB    57856    ----a-w-    C:\Windows\Sysnative\ctppld64.dll
2013-05-29 19:32:38    C6C53CBE1A2E06854F800993E881C8FE    564224    ----a-w-    C:\Windows\Sysnative\idt64mp1.exe
2013-05-29 19:32:38    8FFD6B88B0A488022CD258AF855BAABC    3467264    ----a-w-    C:\Windows\Sysnative\stlang64.dll
2013-05-29 19:32:38    702261F7ED392FC60D3CCB85158059FE    12800512    ----a-w-    C:\Windows\Sysnative\idtcpl64.cpl
2013-05-29 19:32:38    5F9479B2BD3575E789F06F4DEB86C9E0    90624    ----a-w-    C:\Windows\Sysnative\AESTCo64.dll
====== C:\Windows\Sysnative\drivers =====
2013-05-15 08:51:53    AF2E16242AA723F68F461B6EAE2EAD3D    983400    ----a-w-    C:\Windows\Sysnative\drivers\dxgkrnl.sys
2013-05-15 08:51:53    1F04CFB79DD5FB7694468CE3FB3DCC31    265064    ----a-w-    C:\Windows\Sysnative\drivers\dxgmms1.sys
====== C:\Windows\Tasks ======
2013-06-09 10:45:23    E157C6776E8364492B8B350E4D82B734    3114    ----a-w-    C:\Windows\Sysnative\Tasks\{A0E8EC16-3C0E-47FC-BF6B-03A12D49F415}
2013-06-09 10:42:32    915C01983D5D2CB6272A3976E19BBB57    3116    ----a-w-    C:\Windows\Sysnative\Tasks\{93821C06-9131-49B6-B2CB-CA1EEE256671}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-05-19 22:37:43    --------    d-----w-    C:\Program Files\iPod
2013-05-19 22:37:42    --------    d-----w-    C:\Program Files\iTunes
======= C:\Program Files (x86) =====
======= C: =====
2013-06-09 10:26:20    848D0757CDED9DF2F906BE7FB24BFF69    15248    ----a-w-    C:\AdwCleaner[S1].txt
====== C:\Users\Alissa\AppData\Roaming ======
2013-06-10 20:01:57    --------    d-----w-    C:\users\Alissa\AppData\Local\Google
2013-05-29 07:14:36    --------    d-----w-    C:\users\Alissa\AppData\Local\ElevatedDiagnostics
2013-05-13 19:43:32    --------    d-----w-    C:\users\Alissa\AppData\Roaming\Meridian93
====== C:\Users\Alissa ======
2013-06-10 20:31:36    4ADCFEE16EE9978F06157634669D36FB    602112    ----a-w-    C:\Users\Alissa\Desktop\OTL.com
2013-06-10 20:04:07    ED9F6B0ECF9B557ABAE460A44CFE0F99    538254    ----a-w-    C:\Users\Alissa\Desktop\EnableCMD.exe
2013-06-09 09:49:43    4EF33D516F31BEB1C9847D1FDA69375C    648201    ----a-w-    C:\Users\Alissa\Desktop\adwcleaner.exe
2013-05-29 22:22:15    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2013-05-29 22:18:28    6810717C3DF2193268361D0F9EC69152    22154472    ----a-w-    C:\Users\Alissa\Downloads\windows.7.codec.pack.v4.0.6.setup.exe
2013-05-29 19:57:27    4184ADB74711EC490DD895C40A2D0078    19736815    ----a-w-    C:\Users\Alissa\Downloads\K-Lite_Codec_Pack_990_Full.exe
2013-05-19 22:38:13    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2013-05-19 22:37:42    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-13 20:09:29    --------    d-----w-    C:\ProgramData\Meridian93

====== C: exe-files ==
=== C: other files ==
2013-06-06 09:07:26    EC97A1ABC5F29E6043403F9A86CB06F7    330499    ------w-    C:\Program Files\Vuze\bunndle.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2377495357-3556135038-2084699557-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Folders ======================

2013-02-25 20:04:57    1093    ----a-w-    C:\users\Alissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
2013-05-29 22:22:30    1866    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
2013-05-29 22:22:30    1901    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-05-2013 23:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Alissa\AppData\Roaming\Mozilla\Firefox\Profiles\i31ypmfx.default
- New Tab Homepage - %ProfilePath%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
- Menu Editor - %ProfilePath%\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\Alissa\AppData\Roaming\Mozilla\Firefox\Profiles\i31ypmfx.default
7ABE33792F2787D599B6963E71B9E8CD    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll -    Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[]
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[]
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]
pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]


==== Chrome Fix ======================

C:\Users\Alissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehbccjhjmoijijclangcijnfclbjhge deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&r=654"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #25 Gepost op: 12 juni 2013, 00:43:08 »
==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
O4 - Global Startup: CodecPackTrayMenu.lnk = C:\Windows\SysWOW64\C2MP\TrayMenu.exe
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Silent Runners ======================

"Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [Skype Technologies S.A.]
GarminExpressTrayApp = "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
IgfxTray = C:\Windows\system32\igfxtray.exe [Intel Corporation]
HotKeysCmds = C:\Windows\system32\hkcmd.exe [Intel Corporation]
Persistence = C:\Windows\system32\igfxpers.exe [Intel Corporation]
SysTrayApp = C:\Program Files\IDT\WDM\sttray64.exe

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}
avgnt = "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [Avira Operations GmbH & Co. KG]
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]
APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [Apple Inc.]
HP Software Update = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [Hewlett-Packard]
QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [Apple Inc.]
iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [Apple Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO
  -> {HKLM...CLSID} = Skype add-on for Internet Explorer
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Skype Technologies S.A.]
  -> {HKLM...Wow...CLSID} = Skype Browser Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Technologies S.A.]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO
  -> {HKLM...CLSID} = Skype add-on for Internet Explorer
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Skype Technologies S.A.]
  -> {HKLM...Wow...CLSID} = Skype Browser Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Technologies S.A.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} = Shell Extension for Malware scanning
  -> {HKLM...CLSID} = Shell Extension for Malware scanning
                   \InProcServer32\(Default) = C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [Avira Operations GmbH & Co. KG]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...CLSID} = Microsoft Office Metadata Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes
  -> {HKLM...CLSID} = iTunes
                   \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler
  -> {HKLM...Wow...CLSID} = Outlook File Icon Extension
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL [MS]

{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Outlook
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler
                         \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler
                         \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\


<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}
  -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> skype-ie-addon-data\CLSID = {91774881-D725-4E58-B298-07617B9B86A8}
  -> {HKLM...CLSID} = Skype IE add-on Pluggable Protocol
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Skype Technologies S.A.]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Shell Extension for Malware scanning\(Default) = {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
  -> {HKLM...CLSID} = Shell Extension for Malware scanning
                   \InProcServer32\(Default) = C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [Avira Operations GmbH & Co. KG]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
  -> {HKLM...CLSID} = MBAMShlExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
  -> {HKLM...CLSID} = GraphicsShellExt Class
                   \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
  -> {HKLM...Wow...CLSID} = PDF Shell Extension
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
  -> {HKLM...CLSID} = MBAMShlExt Class
                   \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

Shell Extension for Malware scanning\(Default) = {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
  -> {HKLM...CLSID} = Shell Extension for Malware scanning
                   \InProcServer32\(Default) = C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [Avira Operations GmbH & Co. KG]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

DisableLockWorkstation = (REG_DWORD) dword:0x00000000
{unrecognized setting}

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #26 Gepost op: 12 juni 2013, 00:44:07 »
Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Users\Alissa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

iTunesBurnCDOnArrival\
Provider = iTunes
InvokeProgID = iTunes.BurnCD
InvokeVerb = burn
HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.]

iTunesImportSongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.ImportSongsOnCD
InvokeVerb = import
HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.]

iTunesPlaySongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.PlaySongsOnCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.]

iTunesShowSongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.ShowSongsOnCD
InvokeVerb = showsongs
HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.]

MSPlayBluRayOnArrival\
Provider = Windows Media Player
InvokeProgID = WMP.BD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.BD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:12 /Play "%L\BDMV\index.bdmv" [MS]

MSPlayCDAudioOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.AudioCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]

MSPlayDVDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.DVD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS]

MSPlaySuperVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSPlayVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSWMPBurnCDOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.BurnCD
InvokeVerb = Burn
HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]

VLCPlayCDAudioOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.CDAudio
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN]

VLCPlayDVDAudioOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN]

VLCPlayDVDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.DVDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN]

VLCPlayMusicFilesOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN]

VLCPlaySVCDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.SVCDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN]

VLCPlayVCDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.VCDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN]

VLCPlayVideoFilesOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN]


Startup items in "Alissa" & "All Users" startup folders:
--------------------------------------------------------

C:\Users\Alissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++}
BBC iPlayer Desktop -> shortcut to: C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [null data]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++}
CodecPackTrayMenu -> shortcut to: C:\Windows\SysWOW64\C2MP\TrayMenu.exe [null data]
CodecPackUpdateChecker -> shortcut to: C:\Windows\SysWOW64\C2MP\UpdateChecker.exe [null data]


Non-disabled Scheduled Tasks: {++}
-----------------------------

C:\Windows\System32\Tasks
Adobe Flash Player Updater ->  launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]
CreateChoiceProcessTask ->  launches: C:\Windows\System32\browserchoice.exe /launch [MS]
HPCustParticipation HP Deskjet 1050 J410 series ->  launches: "C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe" /UA 9.5 /DDV 0x0800 [Hewlett-Packard Co.]
{93821C06-9131-49B6-B2CB-CA1EEE256671} ->  launches: C:\Windows\system32\pcalua.exe -a C:\Users\Alissa\Desktop\zoek.exe -d C:\Users\Alissa\Desktop [MS]
{A0E8EC16-3C0E-47FC-BF6B-03A12D49F415} ->  launches: C:\Windows\system32\pcalua.exe -a C:\Users\Alissa\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe [MS]
{A9909038-4DE5-4F17-A088-B195012A8A05} ->  launches: "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.0.59.126/nl/abandoninstall?page=tsProgressBar [Mozilla Corporation]

C:\Windows\System32\Tasks\Apple
AppleSoftwareUpdate ->  launches: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
AD RMS Rights Policy Template Management (Manual) ->  launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}
  -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]
  -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
AitAgent ->  launches: aitagent [MS]
ProgramDataUpdater ->  launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
Proxy ->  launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
UninstallDeviceTask ->  launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
SystemTask ->  launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM...CLSID} = Certificate Services Client Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
  -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask ->  launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM...CLSID} = Certificate Services Client Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
  -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
Consolidator ->  launches: %SystemRoot%\System32\wsqmcons.exe [MS]
KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c}
  -> {HKLM...CLSID} = KernelCeipCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS]
UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8}
  -> {HKLM...CLSID} = UsbCeip
                   \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]
  -> {HKLM...Wow...CLSID} = UsbCeip
                         \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
ScheduledDefrag ->  launches: %windir%\system32\defrag.exe -c [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3}
  -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location
Notifications ->  launches: %windir%\System32\LocationNotifications.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
WinSAT ->  launches: {A9A33436-678B-4C9C-A211-7CC38785E79D}
  -> {HKLM...CLSID} = WinSAT Task Manger Task
                   \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]
  -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task
                         \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
ActivateWindowsSearch ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS]
ConfigureInternetTimeService ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS]
DispatchRecoveryTasks ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS]
ehDRMInit ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]
InstallPlayReady ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS]
mcupdate ->  launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS]
MediaCenterRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS]
ObjectStoreRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS]
OCURActivate ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]
OCURDiscovery ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS]
PBDADiscovery ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS]
PBDADiscoveryW1 ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS]
PBDADiscoveryW2 ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS]
PvrRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS]
PvrScheduleTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS]
RegisterSearch ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS]
ReindexSearchRoot ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS]
SqlLiteRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS]
UpdateRecordPath ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #27 Gepost op: 12 juni 2013, 00:44:19 »
CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
  -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]
DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
  -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
HotStart ->  launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
  -> {HKLM...CLSID} = HotStart User Agent
                   \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
Lpksetup ->  launches: C:\Windows\System32\lpksetup.exe -v [MS]
LPRemove ->  launches: %windir%\system32\lpremove.exe [MS]
Mcbuilder ->  launches: C:\Windows\System32\mcbuilder.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
SystemSoundsService ->  launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}
  -> {HKLM...CLSID} = Microsoft PlaySoundService Class
                   \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]
  -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class
                         \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
GatherNetworkInfo ->  launches: %windir%\system32\gatherNetworkInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
AnalyzeSystem ->  launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6}
  -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler
                   \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]
  -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler
                         \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras
MobilityManager ->  launches: {c463a0fc-794f-4fdf-9201-01938ceacafa}
  -> {HKLM...CLSID} = RasMobilityManager
                   \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry
RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2}
  -> {HKLM...CLSID} = RegistryIdleBackupHandler
                   \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
GadgetManager ->  launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}
  -> {HKLM...CLSID} = GadgetsManager Class
                   \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
SR ->  launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4}
  -> {HKLM...CLSID} = RunTask
                   \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]
  -> {HKLM...Wow...CLSID} = RunTask
                         \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
IpAddressConflict1 ->  launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]
IpAddressConflict2 ->  launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}
  -> {HKLM...CLSID} = MsCtfMonitor task handler
                   \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]
  -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler
                         \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
SynchronizeTime ->  launches: %windir%\system32\sc.exe start w32time task_started [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
UPnPHostConfig ->  launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}
  -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]
  -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler
                         \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies
ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS]
ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
QueueReporting ->  launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
UpdateLibrary ->  launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
ConfigNotification ->  launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wininet
CacheTask ->  launches: {0358b920-0ac7-461f-98f4-58e32cd89148}
  -> {HKLM...CLSID} = Wininet Cache task object
                   \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS]
  -> {HKLM...Wow...CLSID} = Wininet Cache task object
                         \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows Defender
MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan [MS]

C:\Windows\System32\Tasks\WPD
SqmUpload_S-1-5-21-2377495357-3556135038-2084699557-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll [Apple Inc.]
000000000006\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000007\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.]
000000000006\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000007\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 10

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 10


Toolbars, Explorer Bars, Extensions:
------------------------------------

Explorer Bars

HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
ButtonText = Skype Click to Call
CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
  -> {HKLM...CLSID} = Skype add-on for Internet Explorer (toolbar button)
                   \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Skype Technologies S.A.]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
ButtonText = Skype Click to Call
CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
  -> {HKLM...Wow...CLSID} = Skype Browser Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Technologies S.A.]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
ButtonText = Research
BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
  -> {HKLM...Wow...CLSID} = &Onderzoeken
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated]
Andrea ST Filters Service, AESTFilters, C:\Program Files\IDT\WDM\AESTSr64.exe [Andrea Electronics Corporation]
Apple Mobile Device, Apple Mobile Device, "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.]
Audio Service, STacSV, C:\Program Files\IDT\WDM\STacSV64.exe [IDT, Inc.]
Avira Real-Time Protection, AntiVirService, "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [Avira Operations GmbH & Co. KG]
Avira Scheduler, AntiVirSchedulerService, "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [Avira Operations GmbH & Co. KG]
Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.]
Garmin Core Update Service, Garmin Core Update Service, "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" [null data]
iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.]
MBAMScheduler, MBAMScheduler, "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [Malwarebytes Corporation]
MBAMService, MBAMService, "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [Malwarebytes Corporation]
Skype C2C Service, Skype C2C Service, "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" [Skype Technologies S.A.]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
HP 8911 Status Monitor\Driver = hpinksts8911LM.dll [Hewlett-Packard Co.]




==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDGO3NKB will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Alissa\AppData\Local\Mozilla\Firefox\Profiles\i31ypmfx.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Alissa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Alissa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDGO3NKB" not found

==== EOF on di 11-06-2013 at 23:37:25,17 ======================

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #28 Gepost op: 12 juni 2013, 00:53:46 »
Mooi, dan gaan we dat nakijken.

Hoe gaat het inmiddels met je computer?


Peter

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #29 Gepost op: 12 juni 2013, 09:07:42 »
Het ziet ernaar uit dat het inderdaad al een stuk beter gaat...gister ging t weer even heel slecht, dat hij gewoon niets wil doen en soort van vast loopt en soms start hij zich dan automatich opnieuw op met een foutmelding scherm.

Maar zover ziet het er al beter uit!