EYES-T

Member
  • Items

    195

Everything posted by EYES-T

  1. Hi, My Nexus 7 always loses its Wi-Fi connection whenever it has been "asleep". In settings I can't turn the Wi-Fi back on (the button is greyed out). BUT every time it is restarted the Wi-Fi is fine. If it is only inactive for a short while, the Wi-Fi sometimes keeps working too. Does anyone have a solution? Thanks in advance for every reply!
  2. I'll try that, and will let you know within a few days whether it works!
  3. Hi, The title says it all: the PC no longer goes into sleep mode. I have already tried changing the time period by a minute, but this had no effect. The screen does switch off correctly. The problem has been occurring for a few days. I have not installed any new software recently. Nor have I changed any settings. Does anyone have any idea how I can solve this? Thanks in advance for your replies!
  4. No, everything is clear, thanks to you both!
  5. The files were jpg and are now all jpeg
  6. Oh yes, forgot to mention: if I right-click on the file and choose "open with Windows Photo Gallery" they do work. But if I want to change this via "properties" for all files of this type, the checkbox to tick this stays "grey" and I can't change it. - - - Updated - - - Eggers, our messages apparently crossed. But your solution works, thanks!
  7. Hi, I have just installed Office 2011 (yes, I know, I'm behind!). Now all my JPG files appear to have become Word documents. In a list the Word icon is shown in front of them, and when opening them I of course get an error message about file conversion and encoding. I probably need to change back somewhere which program should open JPGs by default, but I don't know how... Does anyone have a solution? Thanks in advance for all replies!
  8. Thanks for the tips! I have just made an image with that Macrium Reflect Free. Worked perfectly!
  9. That Fbackup is off to a good start: it simply won't install (after 3 attempts).... Then I'll just go for Macrium Reflect Free, the no. 1 in the CNet reviews: Macrium Reflect Free - Free download and software reviews - CNET Download.com Here's hoping!
  10. Yes, yesterday I had also been browsing through the various backup programs offered via Cnet and I'll give that FBackup a try. My question does remain: why does it make that error with the W7 backup? Maybe there is an expert here who can shed some light on this? Merry Christmas!
  11. Hi, Every time I make a backup, the remaining space on my external drive keeps getting smaller, sometimes by up to 10 gig. No large files were downloaded between the backups. I use the standard Windows 7 backup program. Does anyone have any idea why this happens? Is part of the previous backup perhaps being kept? That doesn't seem very likely to me, and certainly not in such large "amounts". Thanks in advance for every reply and happy holidays!
  12. It resolved itself; last night it was suddenly gone again just as abruptly as it had come... Microsoft must have seen that I'm a good boy after all...
  13. Why do you only get that message after 2 years, then?
  14. Hi, Has anyone ever experienced this? Suddenly, at the bottom left of my screen, it says: "Windows 7 Build 7601 Dit exemplaar van Windows is niet legitiem." My Windows 7 was simply on my PC when I bought it. (+/- 2 years ago) It appeared while the PC was on, not at startup. Otherwise everything works perfectly. It also remains after restarting the PC. I have also run an extra virus scan, and here too everything is positive. Thanks in advance for your replies!
  15. In the meantime I have found several videos on YouTube on how to turn your modem antenna into a directional parabolic antenna using aluminium foil, apparently with very good results. Since the Telenet modem has no antenna I can't apply this. But what I did do is: attach foil under the modem (floor), behind the modem (outside wall) and to the left of the modem (the neighbours' wall) but.... no positive effect to be measured.....
  16. Hi, My daughter regularly uses wireless internet in her room on the 1st floor. The signal she gets from the modem (ground floor) is very weak or sometimes temporarily even non-existent. Her laptop is not yet a year old, so I don't think the problem lies there. The Telenet contact centre suggested first changing the channels used. They have several, and nos. 1, 6 and 11 are supposedly the strongest. The channel in use was already no. 6, but switching to 1 and 11 gave no improvement either. Second suggestion: use 2 powerline adapters. (those do cost 50 euros apiece at Telenet) Does anyone here have experience with this or know a solution to this problem? Thanks in advance for all replies!
  17. It appears to have disappeared completely. Thanks!
  18. For now it looks good, I'll keep an eye on it for a few days. Thanks in advance!
  19. Zoek.exe Version 4.0.0.2 Updated 02-March-2013 It's apparently hidden deep, isn't it?
  20. ComboFix 13-03-04.01
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-03-04 12:24:33 ComboFix-quarantined-files.txt 2013-03-04 11:24 ComboFix2.txt 2013-02-08 22:29 . Pre-Run: 389.253.595.136 bytes beschikbaar Post-Run: 388.942.745.600 bytes beschikbaar . - - End Of File - - DDCC2C00291F75DCC23F77F74C5E3023
  21. In neither case is CouponDropDown listed among the extensions...
  22. Hi, For some time now I have been bothered by CouponDropDown, with its annoying advertisements hidden under underlined words on almost every website. What I have already tried: 1/ First of all: Norton Anti Virus finds no trace of it. 2/ Malwarebytes Anti-Malware also gives a completely positive report. 3/ AdwCleaner finds nothing either. (2nd log file) 4/ Ran Combofix = log at the bottom 4/ HiJackThis gives the following log file:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:43:09, on 4/03/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16521) Boot mode: Normal Running processes: C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.1.22\ccSvcHst.exe C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Program Files (x86)\adawaretb\ffHelper.exe C:\PROGRA~2\AD-AWA~1\AdAware.exe C:\Users\Wim Van Loock\Downloads\adwcleaner.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Wim Van Loock\Downloads\HijackThis (2).exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = VRT Radiospeler R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.1.22\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\coIEPlg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\coIEPlg.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application 
Support\APSDaemon.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: 
[ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Norton Management (MCLIENT) - Symantec Corporation - C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.1.22\ccSvcHst.exe O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware 
Antivirus\SBAMSvc.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10894 bytes ********************************************************************
AdwCleaner gives the following log:
# AdwCleaner v2.113 - Verslag gemaakt op 04/03/2013 om 08:34:04 # Geactualiseerd op 23/02/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Wim Van Loock - DESKTOP # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Wim Van 
Loock\Downloads\adwcleaner.exe # Optie [Zoeken] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Aanwezig : C:\Program Files (x86)\adawaretb Map Aanwezig : C:\Program Files (x86)\fbphotozoom Map Aanwezig : C:\Program Files (x86)\NCH_EN Map Aanwezig : C:\ProgramData\Babylon Map Aanwezig : C:\ProgramData\blekko toolbars Map Aanwezig : C:\ProgramData\boost_interprocess Map Aanwezig : C:\ProgramData\InstallMate Map Aanwezig : C:\ProgramData\Tarma Installer Map Aanwezig : C:\ProgramData\Trymedia Map Aanwezig : C:\Users\Wim Van Loock\AppData\Local\APN Map Aanwezig : C:\Users\Wim Van Loock\AppData\LocalLow\adawaretb Map Aanwezig : C:\Users\Wim Van Loock\AppData\LocalLow\Conduit Map Aanwezig : C:\Users\Wim Van Loock\AppData\LocalLow\NCH_EN Map Aanwezig : C:\Users\Wim Van Loock\AppData\LocalLow\PriceGong Map Aanwezig : C:\Users\Wim Van Loock\AppData\Roaming\Babylon Map Aanwezig : C:\Users\Wim Van Loock\AppData\Roaming\pdfforge ***** [Register] ***** Sleutel Aanwezig : HKCU\Software\1ClickDownload Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\NCH_EN Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Aanwezig : HKCU\Software\Conduit Sleutel Aanwezig : HKCU\Software\DataMngr Sleutel Aanwezig : HKCU\Software\DataMngr_Toolbar Sleutel Aanwezig : HKCU\Software\InstallCore Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Aanwezig : HKCU\Software\Softonic Sleutel Aanwezig : HKCU\Software\5855d8dbb639ed10 Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Sleutel Aanwezig : HKLM\Software\Babylon Sleutel Aanwezig : 
HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Aanwezig : HKLM\Software\Conduit Sleutel Aanwezig : HKLM\Software\DataMngr Sleutel Aanwezig : HKLM\Software\Iminent Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Aanwezig : HKLM\Software\NCH_EN Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\5855d8dbb639ed10 Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90901388-E660-4EF5-82B0-31632F1CC75D} Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1A9BA14-5FB3-4209-9F7E-6DBA0511AD36} Sleutel Aanwezig : 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Sleutel Aanwezig : HKU\S-1-5-21-3977435860-3031932681-990377046-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Aanwezig : HKU\S-1-5-21-3977435860-3031932681-990377046-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{37483B40-C254-4A72-BDA4-22EE90182C1E}] Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{37483B40-C254-4A72-BDA4-22EE90182C1E}] Waarde Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16521 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v25.0.1364.97 File : C:\Users\Wim Van Loock\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. 
************************* AdwCleaner[R1].txt - [5933 octets] - [04/03/2013 08:34:04] ########## EOF - C:\AdwCleaner[R1].txt - [5993 octets] ########## *********************************************************************
Combofix log file:
ComboFix 13-03-04.01 - Wim Van Loock 04/03/2013 8:55:08.5.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4040.2114 [GMT 1:00] Gestart vanuit: C:\Users\Wim Van Loock\Downloads\ComboFix.exe AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((( Bestanden Gemaakt van 2013-02-04 to 2013-03-04 )))))))))))))))))))))))))))))) 2013-03-04 08:04:56 . 2013-03-04 08:04:56 -------- d-----w- C:\Users\Public\AppData\Local\temp 2013-03-04 08:04:56 . 2013-03-04 08:04:56 -------- d-----w- C:\Users\Default\AppData\Local\temp 2013-03-04 07:05:12 . 2013-03-04 07:05:12 -------- d-----w- C:\Users\Wim Van Loock\AppData\Roaming\LavasoftStatistics 2013-03-04 07:05:12 . 2013-03-04 07:05:12 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus 2013-03-04 07:02:58 . 2013-03-04 07:02:58 -------- d-----w- C:\ProgramData\Lavasoft 2013-03-04 07:02:57 . 2013-03-04 07:05:16 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus 2013-03-04 07:02:37 . 2013-03-04 07:02:37 -------- d-----w- C:\ProgramData\Downloaded Installations 2013-03-04 07:02:35 . 2013-03-04 07:02:36 -------- d-----w- C:\Users\Wim Van Loock\AppData\Local\adawarebp 2013-03-04 07:02:33 . 2013-03-04 07:02:34 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection 2013-03-04 07:02:25 . 
2013-03-04 07:02:35 -------- d-----w- C:\Program Files (x86)\adawaretb 2013-03-04 07:02:24 . 2013-03-04 07:02:24 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner 2013-03-04 07:01:07 . 2013-03-04 07:01:07 47496 ----a-w- C:\Windows\system32\sbbd.exe 2013-03-04 07:01:07 . 2013-03-04 07:01:07 14456 ----a-w- C:\Windows\system32\drivers\gfibto.sys 2013-03-04 07:01:06 . 2013-03-04 07:05:20 -------- d-----w- C:\Users\Wim Van Loock\AppData\Roaming\Ad-Aware Antivirus 2013-03-03 16:15:54 . 2013-03-03 16:15:54 -------- d-----w- C:\Users\Wim Van Loock\AppData\Local\Programs 2013-02-27 05:45:43 . 2013-02-17 00:40:40 28672 ----a-w- C:\Windows\system32\IEUDINIT.EXE 2013-02-27 05:42:46 . 2013-02-27 05:43:02 -------- d-----w- C:\Windows\system32\drivers\NAVx64\1403000.024 2013-02-27 05:38:45 . 2013-02-27 05:38:45 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-02-26 11:03:54 . 2013-02-26 11:03:54 -------- d-----w- C:\Windows\SysWow64\searchplugins 2013-02-26 11:03:54 . 2013-02-26 11:03:54 -------- d-----w- C:\Windows\SysWow64\Extensions 2013-02-26 07:48:03 . 2013-02-26 16:01:38 -------- d-s---w- C:\Users\Wim Van Loock\Google Drive 2013-02-23 14:18:47 . 2013-02-23 14:18:47 -------- d-----w- C:\Program Files (x86)\Common Files\Java 2013-02-23 14:13:09 . 2013-02-23 14:12:58 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-23 14:12:56 . 2013-02-23 14:12:56 -------- d-----w- C:\Program Files (x86)\Java 2013-02-21 15:41:09 . 2013-02-21 15:41:09 -------- d-----w- C:\Program Files\iPod 2013-02-21 15:41:08 . 2013-02-21 15:41:35 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-02-21 15:41:08 . 2013-02-21 15:41:34 -------- d-----w- C:\Program Files (x86)\iTunes 2013-02-21 15:41:05 . 2013-02-21 15:41:35 -------- d-----w- C:\Program Files\iTunes 2013-02-19 08:24:12 . 2013-02-19 08:24:16 -------- d-----w- C:\Windows\system32\drivers\NSTx64\7DD03000.01A 2013-02-15 18:58:12 . 
2013-02-15 18:58:12 106088 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll 2013-02-13 19:50:01 . 2013-02-13 19:50:01 -------- d-----w- C:\Users\Wim Van Loock\AppData\Roaming\theBluCache 2013-02-13 08:14:54 . 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\system32\ntoskrnl.exe 2013-02-13 08:14:54 . 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-02-13 08:14:53 . 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-02-13 08:14:49 . 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\system32\win32k.sys 2013-02-13 08:14:48 . 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\system32\winsrv.dll 2013-02-13 08:14:48 . 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-02-13 08:14:48 . 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-02-13 08:14:48 . 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-02-13 08:14:48 . 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-02-13 08:14:47 . 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-02-13 08:14:46 . 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\system32\drivers\tcpip.sys 2013-02-13 08:14:45 . 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\system32\drivers\FWPKCLNT.SYS . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2013-03-02 07:12:38 . 2012-04-01 06:58:07 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-03-02 07:12:38 . 2011-11-29 07:04:36 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-23 14:12:58 . 2012-06-26 13:47:28 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-02-23 14:12:58 . 2011-12-04 16:41:34 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-13 11:08:03 . 2011-08-02 05:07:14 70004024 ----a-w- C:\Windows\system32\MRT.exe 2013-01-04 04:43:21 . 2013-02-13 08:14:48 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-12-16 17:11:22 . 
2012-12-21 11:01:29 46080 ----a-w- C:\Windows\system32\atmlib.dll 2012-12-16 14:45:03 . 2012-12-21 11:01:29 367616 ----a-w- C:\Windows\system32\atmfd.dll 2012-12-16 14:13:28 . 2012-12-21 11:01:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 . 2012-12-21 11:01:29 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-14 15:49:28 . 2012-12-11 07:58:36 24176 ----a-w- C:\Windows\system32\drivers\mbam.sys 2012-12-07 13:20:16 . 2013-01-09 11:12:19 441856 ----a-w- C:\Windows\system32\Wpc.dll 2012-12-07 13:15:31 . 2013-01-09 11:12:19 2746368 ----a-w- C:\Windows\system32\gameux.dll 2012-12-07 12:26:17 . 2013-01-09 11:12:18 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 . 2013-01-09 11:12:19 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 . 2013-01-09 11:12:19 30720 ----a-w- C:\Windows\system32\usk.rs 2012-12-07 11:20:03 . 2013-01-09 11:12:19 43520 ----a-w- C:\Windows\system32\csrr.rs 2012-12-07 11:20:03 . 2013-01-09 11:12:18 23552 ----a-w- C:\Windows\system32\oflc.rs 2012-12-07 11:20:01 . 2013-01-09 11:12:19 45568 ----a-w- C:\Windows\system32\oflc-nz.rs 2012-12-07 11:20:01 . 2013-01-09 11:12:19 44544 ----a-w- C:\Windows\system32\pegibbfc.rs 2012-12-07 11:20:01 . 2013-01-09 11:12:18 20480 ----a-w- C:\Windows\system32\pegi-fi.rs 2012-12-07 11:20:00 . 2013-01-09 11:12:19 20480 ----a-w- C:\Windows\system32\pegi-pt.rs 2012-12-07 11:19:59 . 2013-01-09 11:12:19 20480 ----a-w- C:\Windows\system32\pegi.rs 2012-12-07 11:19:58 . 2013-01-09 11:12:19 46592 ----a-w- C:\Windows\system32\fpb.rs 2012-12-07 11:19:57 . 2013-01-09 11:12:19 40960 ----a-w- C:\Windows\system32\cob-au.rs 2012-12-07 11:19:57 . 2013-01-09 11:12:19 21504 ----a-w- C:\Windows\system32\grb.rs 2012-12-07 11:19:57 . 2013-01-09 11:12:19 15360 ----a-w- C:\Windows\system32\djctq.rs 2012-12-07 11:19:56 . 2013-01-09 11:12:18 55296 ----a-w- C:\Windows\system32\cero.rs 2012-12-07 11:19:55 . 
Do you have any idea how I can fix this? Thanks in advance for all replies!
  23. Combofix has been removed and the problem seems to be solved. Thanks, everyone, for the good advice!
  24. I will do this the next time I visit that family member. But won't this bring back the problem that has now been solved?