MichelVonk

Super alles opgelost, hartelijk dank

Ik kan echter combofix niet uninstalleren. als ik in mijn zoekbalk combofix /uninstall doe, dan loopt mijn laptop vast. Erg opmerkelijk, daarnaast kan ik handmatig Qoobox niet verwijderen uit mijn C:, omdat ik geen administrator ben, terwijl mijn account waarop ik dat doe wel een administrator is. Erg krom dus

Google Chrome is weer actief, ik kan het weer gebruiken. Zou je nog even mijn combofix na kunnen kijken of alles in orde is? Het werkt in ieder geval wel weer, Super bedankt voor je hulp! Top!

ComboFix 12-10-26.05 - Michel 27-10-2012 12:04:09.2.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.16277.13635 [GMT 2:00] Gestart vanuit: c:\users\Michel\Desktop\Malware en Recuva\ComboFix.exe gebruikte Opdracht switches :: c:\users\Michel\Desktop\CFScript.txt AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800} AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B} SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD} SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\adawaretb c:\program files (x86)\adawaretb\adawareDx.dll c:\program files (x86)\adawaretb\adawaretb.dll c:\program files (x86)\adawaretb\adawaretb.xml c:\program files (x86)\adawaretb\chrome\content\custom.js c:\program files (x86)\adawaretb\chrome\content\lib\about.xml c:\program files (x86)\adawaretb\chrome\content\lib\dtxpanel.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxpaneltransparent.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxpanelwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxprefwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxtransparentwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\dtxwin.xul c:\program files (x86)\adawaretb\chrome\content\lib\emailnotifierproviders.xml c:\program files (x86)\adawaretb\chrome\content\lib\external.js c:\program files (x86)\adawaretb\chrome\content\lib\neterror.xhtml c:\program files (x86)\adawaretb\chrome\content\lib\rsspreview.html c:\program files (x86)\adawaretb\chrome\content\lib\rsswin.xml c:\program files (x86)\adawaretb\chrome\content\lib\rsswin.xsl c:\program files (x86)\adawaretb\chrome\content\modules\datastore.jsm c:\program files (x86)\adawaretb\chrome\content\modules\nsDragAndDrop.js c:\program files (x86)\adawaretb\chrome\content\newtab\images\bullet.gif c:\program files (x86)\adawaretb\chrome\content\newtab\images\field_bg.gif c:\program files (x86)\adawaretb\chrome\content\newtab\images\powered_by_yahoo.gif c:\program files (x86)\adawaretb\chrome\content\newtab\newtab.html c:\program files (x86)\adawaretb\chrome\content\preferences.xml c:\program files (x86)\adawaretb\chrome\content\toolbar.htm c:\program files (x86)\adawaretb\chrome\content\toolbar.xul c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\ClearBrowserDataDialog.xml c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\tb_icon.png c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.js c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.BrowserDataCleaner\widget.xml c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\tb_icon.png c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.js c:\program files (x86)\adawaretb\chrome\content\widgets\net.vmn.www.ToolbarCleaner\widget.xml c:\program files (x86)\adawaretb\chrome\data\search\engines.xml c:\program files (x86)\adawaretb\chrome\data\search\search.xsl c:\program files (x86)\adawaretb\chrome\locale\lib\de.js c:\program files (x86)\adawaretb\chrome\locale\lib\en.js c:\program files (x86)\adawaretb\chrome\locale\lib\es.js c:\program files (x86)\adawaretb\chrome\locale\lib\fr.js c:\program files (x86)\adawaretb\chrome\locale\lib\it.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\de.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\en.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\es.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\fr.js c:\program files (x86)\adawaretb\chrome\locale\toolbar\it.js c:\program files (x86)\adawaretb\chrome\skin\blekko16.png c:\program files (x86)\adawaretb\chrome\skin\bluelite.gif c:\program files (x86)\adawaretb\chrome\skin\bluesky.gif c:\program files (x86)\adawaretb\chrome\skin\btn-safe-de.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-en.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-es.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-fr.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe-it.png c:\program files (x86)\adawaretb\chrome\skin\btn-safe.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-de-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-de.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-en-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-en.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-es-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-es.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-fr-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-fr.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-it-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-search-it.png c:\program files (x86)\adawaretb\chrome\skin\btn-settings-over.png c:\program files (x86)\adawaretb\chrome\skin\btn-settings.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-de.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-en.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-es.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-fr.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe-it.png c:\program files (x86)\adawaretb\chrome\skin\btn-unsafe.png c:\program files (x86)\adawaretb\chrome\skin\custom.css c:\program files (x86)\adawaretb\chrome\skin\dictionary.png c:\program files (x86)\adawaretb\chrome\skin\downloadcom.png c:\program files (x86)\adawaretb\chrome\skin\facebook.png c:\program files (x86)\adawaretb\chrome\skin\games.png c:\program files (x86)\adawaretb\chrome\skin\grey.gif c:\program files (x86)\adawaretb\chrome\skin\ico-cleaner.png c:\program files (x86)\adawaretb\chrome\skin\ico-clear.png c:\program files (x86)\adawaretb\chrome\skin\images.png c:\program files (x86)\adawaretb\chrome\skin\lib\add.png c:\program files (x86)\adawaretb\chrome\skin\lib\aol.png c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-dn.gif c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-right-disabled.gif c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-right.gif c:\program files (x86)\adawaretb\chrome\skin\lib\arrow-up.gif c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-end.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-mdl_ff.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btn-start.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-end.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-mdl_ff.png c:\program files (x86)\adawaretb\chrome\skin\lib\bg-btnover-start.png c:\program files (x86)\adawaretb\chrome\skin\lib\blank.gif c:\program files (x86)\adawaretb\chrome\skin\lib\btnback-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnback-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnleft-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnleft-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnright-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\btnright-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\button-splitter-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\button-splitter-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\checkmark.png c:\program files (x86)\adawaretb\chrome\skin\lib\chevron.png c:\program files (x86)\adawaretb\chrome\skin\lib\collapse.png c:\program files (x86)\adawaretb\chrome\skin\lib\comcast.png c:\program files (x86)\adawaretb\chrome\skin\lib\dtx.css c:\program files (x86)\adawaretb\chrome\skin\lib\edit-back-hot.png c:\program files (x86)\adawaretb\chrome\skin\lib\edit-back.png c:\program files (x86)\adawaretb\chrome\skin\lib\expand.png c:\program files (x86)\adawaretb\chrome\skin\lib\found.png c:\program files (x86)\adawaretb\chrome\skin\lib\gmail.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_blue.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_cyan.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_lime.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_magenta.png c:\program files (x86)\adawaretb\chrome\skin\lib\highlight_yellow.png c:\program files (x86)\adawaretb\chrome\skin\lib\hotmail.png c:\program files (x86)\adawaretb\chrome\skin\lib\imap.png c:\program files (x86)\adawaretb\chrome\skin\lib\lastsearch-thumb-back.gif c:\program files (x86)\adawaretb\chrome\skin\lib\loadingMid.gif c:\program files (x86)\adawaretb\chrome\skin\lib\lock.png c:\program files (x86)\adawaretb\chrome\skin\lib\mailcom.png c:\program files (x86)\adawaretb\chrome\skin\lib\menu_bg-basic.png c:\program files (x86)\adawaretb\chrome\skin\lib\menu_separator_bar.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitem-splitter.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemback-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemback-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemleft-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemleft-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemright-down-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\menuitemright-vista.png c:\program files (x86)\adawaretb\chrome\skin\lib\modify.png c:\program files (x86)\adawaretb\chrome\skin\lib\move.gif c:\program files (x86)\adawaretb\chrome\skin\lib\movetarget.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\css\ie-only.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\css\ie7-only.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\css\popupAbout.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\css\popupWidgets.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\css\dialog.css c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\bg.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\btn-close-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\btn-close.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\btn-wide-close-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\btn-wide-close.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\default.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\footer-short-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\footer-short-middle.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\footer-short-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\titlebar-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\titlebar-middle.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\titlebar-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\transparent.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-right-resize.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\images\win-btm-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\main.html c:\program files (x86)\adawaretb\chrome\skin\lib\panels\default\scripts\defscript.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ajax-loader.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\apps-bg-gradient-grid.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\apps-hover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\appsfeatured-bg-gradient-grid.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-down-white.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-sml-drop.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrow-sml.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\arrowr-bluew5.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-aboutbox.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-btnover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-pnl520x390.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-scrollbar-thumb-y.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-scrollbar-track-y.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\bg-scrollbar-trackend-y.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-add-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-add.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-addtoolbar-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-addtoolbar-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close-grey-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close-grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close-greyover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-close.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-dark-left22-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-dark-left22.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-dark-middle22-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-dark-middle22.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-dark-right22-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-dark-right22.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-drag.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-install.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-launch-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-launch.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-mdl-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-mdl.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-next-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-next.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-previous-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-previous.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-right-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\btn-search-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\categories-bg-gradient-grid.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\featured-bg-btm-gradient.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\footer-short-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\footer-short-middle.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\footer-short-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\gamethumb-on.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-box-next.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-calendar.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-download.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-info-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-info.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-pref-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-pref.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-tags.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\ico-user-monitor.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\icon-Add.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\icon-Info.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\left-menu-hover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\menul-bgon.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\menul-bgover.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\panel-botm-noscroll.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scroll-bg-206.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scroll-bg.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scroll-topwin.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb-disable.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb-down.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollb.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt-disable.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt-down.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\scrollt.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\searchbox-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\searchbox.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\shadow-leftmenu.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\star.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\star_blank.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\star_x_grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\star_x_orange.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\titlebar-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\titlebar-middle.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\titlebar-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\topbar-inside-gradient.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\TRUSTe_about.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-detailed-on.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-detailed-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-thumb-on.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\view-thumb-over.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\widgets-square-16px.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\widgets-square-24px.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-bottom-middleglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-left-bottomglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-left-middleglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-left-topglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-right-bottomglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-right-middleglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-right-topglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\win-top-middleglow.png c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\default.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\jquery-ui.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\jquery.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\jquery.url.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\js\kendo.all.min.js c:\program files (x86)\adawaretb\chrome\skin\lib\panels\popupWidgets.html c:\program files (x86)\adawaretb\chrome\skin\lib\pop.png c:\program files (x86)\adawaretb\chrome\skin\lib\radio.png c:\program files (x86)\adawaretb\chrome\skin\lib\reload.png c:\program files (x86)\adawaretb\chrome\skin\lib\remove.png c:\program files (x86)\adawaretb\chrome\skin\lib\rename.gif c:\program files (x86)\adawaretb\chrome\skin\lib\resize-box.gif c:\program files (x86)\adawaretb\chrome\skin\lib\rss.png c:\program files (x86)\adawaretb\chrome\skin\lib\rsschannelback.png c:\program files (x86)\adawaretb\chrome\skin\lib\RSSLogo.png c:\program files (x86)\adawaretb\chrome\skin\lib\rsstabdivider.gif c:\program files (x86)\adawaretb\chrome\skin\lib\scroll-left.png c:\program files (x86)\adawaretb\chrome\skin\lib\scroll-right.png c:\program files (x86)\adawaretb\chrome\skin\lib\search-go.png c:\program files (x86)\adawaretb\chrome\skin\lib\search.png c:\program files (x86)\adawaretb\chrome\skin\lib\text-ellipsis.xml c:\program files (x86)\adawaretb\chrome\skin\lib\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\lib\toolbarsplitter.gif c:\program files (x86)\adawaretb\chrome\skin\lib\transparent_1px.gif c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_02.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_03.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_04.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_06.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_07.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_08.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_09.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_10.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_11.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_12.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_13.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_14.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_15.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_16.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_18.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_19.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_20.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_21.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\btn-close-grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\btn-close-greyover.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\close-hot.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\close-normal.png c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\loadingMid.gif c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\paneltemplate.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\proxy.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\template.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\template.xml c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\templateFF.html c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\cond999.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\icons.xml c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\na-s.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\na.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\weather.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\add.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\program files (x86)\adawaretb\chrome\skin\lib\yahoo.png c:\program files (x86)\adawaretb\chrome\skin\lichen.gif c:\program files (x86)\adawaretb\chrome\skin\logo-about.png c:\program files (x86)\adawaretb\chrome\skin\logo-over.png c:\program files (x86)\adawaretb\chrome\skin\logo.png c:\program files (x86)\adawaretb\chrome\skin\modify-save.png c:\program files (x86)\adawaretb\chrome\skin\modify.png c:\program files (x86)\adawaretb\chrome\skin\music.png c:\program files (x86)\adawaretb\chrome\skin\news.png c:\program files (x86)\adawaretb\chrome\skin\options\options-main.png c:\program files (x86)\adawaretb\chrome\skin\options\options-search.png c:\program files (x86)\adawaretb\chrome\skin\options\options-weather.png c:\program files (x86)\adawaretb\chrome\skin\options\options-widgets.png c:\program files (x86)\adawaretb\chrome\skin\orange.gif c:\program files (x86)\adawaretb\chrome\skin\search-background-de.png c:\program files (x86)\adawaretb\chrome\skin\search-background-en.png c:\program files (x86)\adawaretb\chrome\skin\search-background-es.png c:\program files (x86)\adawaretb\chrome\skin\search-background-fr.png c:\program files (x86)\adawaretb\chrome\skin\search-background-it.png c:\program files (x86)\adawaretb\chrome\skin\search-background.png c:\program files (x86)\adawaretb\chrome\skin\shopping.png c:\program files (x86)\adawaretb\chrome\skin\skin-bluelite.png c:\program files (x86)\adawaretb\chrome\skin\skin-bluesky.png c:\program files (x86)\adawaretb\chrome\skin\skin-grey.png c:\program files (x86)\adawaretb\chrome\skin\skin-lichen.png c:\program files (x86)\adawaretb\chrome\skin\skin-orange.png c:\program files (x86)\adawaretb\chrome\skin\skin-yellow.png c:\program files (x86)\adawaretb\chrome\skin\technorati.png c:\program files (x86)\adawaretb\chrome\skin\throbber.gif c:\program files (x86)\adawaretb\chrome\skin\toolbarsplitter.png c:\program files (x86)\adawaretb\chrome\skin\vertical_separator.png c:\program files (x86)\adawaretb\chrome\skin\web.png c:\program files (x86)\adawaretb\chrome\skin\wikipedia.png c:\program files (x86)\adawaretb\chrome\skin\yellow.gif c:\program files (x86)\adawaretb\chrome\skin\youtube.png c:\program files (x86)\adawaretb\components\windowmediator.js c:\program files (x86)\adawaretb\dtUser.exe c:\program files (x86)\adawaretb\ffHelper.exe c:\program files (x86)\adawaretb\ieUtils.exe c:\program files (x86)\adawaretb\install.ico c:\program files (x86)\adawaretb\manifest.xml c:\program files (x86)\adawaretb\search.ico c:\program files (x86)\adawaretb\uninstall.exe c:\users\Michel\AppData\Local\{9A51B9F7-E6AF-4C55-9C1E-E02A701F9C0C} c:\users\Michel\AppData\Local\{9A51B9F7-E6AF-4C55-9C1E-E02A701F9C0C}\1043.MST c:\users\Michel\AppData\Local\{9A51B9F7-E6AF-4C55-9C1E-E02A701F9C0C}\Vodafone Mobile Connect.msi . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-27 to 2012-10-27 )))))))))))))))))))))))))))))) . . 2012-10-27 10:08 . 2012-10-27 10:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-10-27 10:08 . 2012-10-27 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-26 13:21 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A013C114-236B-42C5-9F45-67C8A495D0CF}\mpengine.dll 2012-10-26 12:13 . 2012-10-27 09:54 -------- d-----w- c:\users\Michel\AppData\Roaming\LavasoftStatistics 2012-10-26 09:37 . 2012-10-26 09:37 -------- d-----w- c:\users\Michel\AppData\Roaming\Malwarebytes 2012-10-26 09:37 . 2012-10-26 09:37 -------- d-----w- c:\programdata\Malwarebytes 2012-10-26 09:37 . 2012-10-26 09:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-10-26 09:37 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-26 06:58 . 2012-10-26 06:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-26 06:58 . 2012-10-26 06:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-26 06:58 . 2012-10-26 06:58 -------- d-----w- c:\windows\system32\Macromed 2012-10-26 05:46 . 2011-12-19 11:21 45936 ----a-w- c:\windows\system32\sbbd.exe 2012-10-26 05:46 . 2011-12-19 10:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys 2012-10-26 05:46 . 2011-10-26 12:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys 2012-10-26 05:46 . 2012-10-26 05:46 -------- d-----w- c:\programdata\Lavasoft 2012-10-26 05:46 . 2012-10-26 05:52 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus 2012-10-26 05:46 . 2012-10-26 05:46 -------- d-----w- c:\users\Michel\AppData\Local\Downloaded Installations 2012-10-26 05:45 . 2012-10-26 05:45 -------- d-----w- c:\users\Michel\AppData\Local\adawarebp 2012-10-26 05:45 . 2012-10-27 09:54 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection 2012-10-26 05:45 . 2012-10-26 05:45 -------- d-----w- c:\program files (x86)\Toolbar Cleaner 2012-10-26 05:44 . 2012-10-26 12:13 -------- d-----w- c:\users\Michel\AppData\Roaming\Ad-Aware Antivirus 2012-10-24 17:21 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-20 09:50 . 2012-10-04 10:35 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DD0AD7D-C31D-499B-B530-CB755620B945}\gapaengine.dll 2012-10-10 16:41 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-10-01 09:01 . 2012-10-01 09:01 -------- d-----w- c:\users\Michel\AppData\Roaming\FLEXnet 2012-10-01 08:55 . 2012-10-01 08:55 -------- d-----w- c:\users\Michel\AppData\Roaming\Vodafone 2012-10-01 08:55 . 2009-11-04 14:59 117120 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2012-10-01 08:55 . 2009-11-04 14:59 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2012-10-01 08:55 . 2009-11-04 14:59 114304 ----a-w- c:\windows\system32\drivers\ewusbfake.sys 2012-10-01 08:54 . 2012-10-01 08:54 -------- d-----w- c:\programdata\Vodafone 2012-10-01 08:54 . 2012-10-01 08:54 -------- d-----w- c:\program files (x86)\Vodafone 2012-09-30 19:40 . 2012-09-30 19:40 -------- d-----w- c:\windows\SysWow64\Macromed 2012-09-27 15:45 . 2012-09-27 15:45 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-09-27 15:45 . 2012-09-24 21:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-27 15:45 . 2012-10-25 18:14 -------- d-----w- c:\program files (x86)\Java . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-12 15:37 . 2012-05-15 08:19 65309168 ----a-w- c:\windows\system32\MRT.exe 2012-10-04 10:35 . 2012-06-13 15:22 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-10-02 22:21 . 2012-09-15 17:45 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-02 22:21 . 2012-05-12 17:16 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-02 22:21 . 2012-05-12 17:16 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-02 22:21 . 2012-05-12 17:16 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-02 22:21 . 2012-05-12 17:16 247144 ----a-w- c:\windows\system32\nvinitx.dll 2012-10-02 22:21 . 2012-05-12 17:16 202600 ----a-w- c:\windows\SysWow64\nvinit.dll 2012-10-02 22:21 . 2012-05-12 17:16 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-02 22:21 . 2012-05-12 17:16 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-02 22:21 . 2012-05-12 17:16 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-02 22:21 . 2012-05-12 17:16 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-02 19:51 . 2012-05-12 17:16 3536817 ----a-w- c:\windows\system32\nvcoproc.bin 2012-10-02 19:51 . 2012-05-12 17:16 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2012-05-12 17:16 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2012-05-12 17:16 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2012-05-12 17:16 866664 ----a-w- c:\windows\system32\nv3dappshext.dll 2012-10-02 19:50 . 2012-05-12 17:16 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2012-05-12 17:16 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll 2012-10-02 19:50 . 2012-05-12 17:16 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:50 . 2012-05-12 17:16 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-09-27 15:45 . 2012-05-14 11:12 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-27 15:45 . 2012-05-14 11:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-24 11:15 . 2012-09-25 15:01 17810944 ----a-w- c:\windows\system32\mshtml.dll 2012-08-24 10:39 . 2012-09-25 15:01 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-08-24 10:31 . 2012-09-25 15:01 2312704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 10:22 . 2012-09-25 15:01 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-08-24 10:21 . 2012-09-25 15:01 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 10:20 . 2012-09-25 15:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 10:18 . 2012-09-25 15:01 237056 ----a-w- c:\windows\system32\url.dll 2012-08-24 10:17 . 2012-09-25 15:01 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-08-24 10:14 . 2012-09-25 15:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 10:14 . 2012-09-25 15:01 816640 ----a-w- c:\windows\system32\jscript.dll 2012-08-24 10:13 . 2012-09-25 15:01 599040 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 10:12 . 2012-09-25 15:01 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-08-24 10:11 . 2012-09-25 15:01 729088 ----a-w- c:\windows\system32\msfeeds.dll 2012-08-24 10:10 . 2012-09-25 15:01 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-08-24 10:09 . 2012-09-25 15:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-24 10:04 . 2012-09-25 15:01 248320 ----a-w- c:\windows\system32\ieui.dll 2012-08-24 06:59 . 2012-09-25 15:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-08-24 06:51 . 2012-09-25 15:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-08-24 06:51 . 2012-09-25 15:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-08-24 06:47 . 2012-09-25 15:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-08-24 06:47 . 2012-09-25 15:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-08-24 06:43 . 2012-09-25 15:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-08-22 18:12 . 2012-09-12 17:10 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 17:10 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 17:10 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 17:10 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 21:01 . 2012-09-26 15:45 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-08-20 17:38 . 2012-10-10 16:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-02 17:58 . 2012-09-12 17:10 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 17:10 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X] "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-01 1374720] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-11-16 2463744] "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-08-08 540056] . c:\users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Hotkey.lnk - c:\program files (x86)\Hotkey\Hotkey.exe [2012-3-17 4729344] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service] @="Ad-Aware Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-26 250808] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-02-17 276248] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-11-04 133632] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-16 1432400] R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-11-04 114304] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x] R3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [2009-07-31 25600] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-18 1255736] S0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056] S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-09-20 1236368] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448] S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-02-07 128280] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856] S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe [2011-02-18 35328] S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032] S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-07 363800] S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-11-16 9216] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-12-05 196904] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264] S3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120] S3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-12-22 876136] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Inhoud van de 'Gedeelde Taken' map . 2012-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-26 06:58] . 2012-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600737594-1630505132-1445678362-1000Core.job - c:\users\Michel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-12 17:26] . 2012-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600737594-1630505132-1445678362-1000UA.job - c:\users\Michel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-12 17:26] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-17 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-17 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-17 440600] "CECAPLF"="c:\program files (x86)\ChiconyCam\CECAPLF.exe" [2011-07-06 121456] "THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600] "ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.1.254 192.168.2.1 . - - - - ORPHANS VERWIJDERD - - - - . BHO-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files (x86)\adawaretb\adawareDx.dll AddRemove-adawaretb - c:\program files (x86)\adawaretb\uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-10-27 12:09:34 ComboFix-quarantined-files.txt 2012-10-27 10:09 ComboFix2.txt 2012-10-26 13:04 . Pre-Run: 72.323.497.984 bytes beschikbaar Post-Run: 72.247.267.328 bytes beschikbaar . - - End Of File - - C5ADD7ACDB663A7C33035CCD285FD8E7

Dit is mijn Combofix lijst. Nogal een waslijst, hoop dat je er wat uit kan halen: ComboFix 12-10-26.01 - Michel 26-10-2012 14:48:16.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.16277.13072 [GMT 2:00] Gestart vanuit: c:\users\Michel\Desktop\Malware en Recuva\ComboFix.exe AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800} AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B} SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_nvsvc . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-26 to 2012-10-26 )))))))))))))))))))))))))))))) . . 2012-10-26 12:13 . 2012-10-26 12:13 -------- d-----w- c:\users\Michel\AppData\Roaming\LavasoftStatistics 2012-10-26 09:37 . 2012-10-26 09:37 -------- d-----w- c:\users\Michel\AppData\Roaming\Malwarebytes 2012-10-26 09:37 . 2012-10-26 09:37 -------- d-----w- c:\programdata\Malwarebytes 2012-10-26 09:37 . 2012-10-26 09:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-10-26 09:37 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-26 06:58 . 2012-10-26 06:58 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-26 06:58 . 2012-10-26 06:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-26 06:58 . 2012-10-26 06:58 -------- d-----w- c:\windows\system32\Macromed 2012-10-26 05:46 . 2011-12-19 11:21 45936 ----a-w- c:\windows\system32\sbbd.exe 2012-10-26 05:46 . 2011-12-19 10:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys 2012-10-26 05:46 . 2011-10-26 12:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys 2012-10-26 05:46 . 2012-10-26 05:46 -------- d-----w- c:\programdata\Lavasoft 2012-10-26 05:46 . 2012-10-26 05:52 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus 2012-10-26 05:46 . 2012-10-26 05:46 -------- d-----w- c:\users\Michel\AppData\Local\Downloaded Installations 2012-10-26 05:45 . 2012-10-26 05:45 -------- d-----w- c:\users\Michel\AppData\Local\adawarebp 2012-10-26 05:45 . 2012-10-26 12:18 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection 2012-10-26 05:45 . 2012-10-26 05:45 -------- d-----w- c:\program files (x86)\Toolbar Cleaner 2012-10-26 05:45 . 2012-10-26 05:45 -------- d-----w- c:\program files (x86)\adawaretb 2012-10-26 05:44 . 2012-10-26 12:13 -------- d-----w- c:\users\Michel\AppData\Roaming\Ad-Aware Antivirus 2012-10-25 18:11 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{505753A3-8BEF-4EA6-A050-449F532DF8B6}\mpengine.dll 2012-10-24 17:21 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-20 09:50 . 2012-10-04 10:35 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DD0AD7D-C31D-499B-B530-CB755620B945}\gapaengine.dll 2012-10-10 16:41 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-10-01 09:01 . 2012-10-01 09:01 -------- d-----w- c:\users\Michel\AppData\Roaming\FLEXnet 2012-10-01 08:55 . 2012-10-01 08:55 -------- d-----w- c:\users\Michel\AppData\Roaming\Vodafone 2012-10-01 08:55 . 2009-11-04 14:59 117120 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2012-10-01 08:55 . 2009-11-04 14:59 133632 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2012-10-01 08:55 . 2009-11-04 14:59 114304 ----a-w- c:\windows\system32\drivers\ewusbfake.sys 2012-10-01 08:54 . 2012-10-01 08:54 -------- d-----w- c:\programdata\Vodafone 2012-10-01 08:54 . 2012-10-01 08:54 -------- d-----w- c:\program files (x86)\Vodafone 2012-10-01 08:54 . 2012-10-01 08:54 -------- d-----w- c:\users\Michel\AppData\Local\{9A51B9F7-E6AF-4C55-9C1E-E02A701F9C0C} 2012-09-30 19:40 . 2012-09-30 19:40 -------- d-----w- c:\windows\SysWow64\Macromed 2012-09-27 15:45 . 2012-09-27 15:45 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-09-27 15:45 . 2012-09-24 21:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-27 15:45 . 2012-10-25 18:14 -------- d-----w- c:\program files (x86)\Java 2012-09-26 15:45 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-12 15:37 . 2012-05-15 08:19 65309168 ----a-w- c:\windows\system32\MRT.exe 2012-10-04 10:35 . 2012-06-13 15:22 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-10-02 22:21 . 2012-09-15 17:45 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-02 22:21 . 2012-05-12 17:16 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-02 22:21 . 2012-05-12 17:16 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-02 22:21 . 2012-05-12 17:16 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-02 22:21 . 2012-05-12 17:16 247144 ----a-w- c:\windows\system32\nvinitx.dll 2012-10-02 22:21 . 2012-05-12 17:16 202600 ----a-w- c:\windows\SysWow64\nvinit.dll 2012-10-02 22:21 . 2012-05-12 17:16 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-02 22:21 . 2012-05-12 17:16 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-02 22:21 . 2012-05-12 17:16 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-02 22:21 . 2012-05-12 17:16 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-02 19:51 . 2012-05-12 17:16 3536817 ----a-w- c:\windows\system32\nvcoproc.bin 2012-10-02 19:51 . 2012-05-12 17:16 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2012-05-12 17:16 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2012-05-12 17:16 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2012-05-12 17:16 866664 ----a-w- c:\windows\system32\nv3dappshext.dll 2012-10-02 19:50 . 2012-05-12 17:16 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2012-05-12 17:16 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll 2012-10-02 19:50 . 2012-05-12 17:16 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:50 . 2012-05-12 17:16 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-09-27 15:45 . 2012-05-14 11:12 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-27 15:45 . 2012-05-14 11:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-24 11:15 . 2012-09-25 15:01 17810944 ----a-w- c:\windows\system32\mshtml.dll 2012-08-24 10:39 . 2012-09-25 15:01 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-08-24 10:31 . 2012-09-25 15:01 2312704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 10:22 . 2012-09-25 15:01 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-08-24 10:21 . 2012-09-25 15:01 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 10:20 . 2012-09-25 15:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 10:18 . 2012-09-25 15:01 237056 ----a-w- c:\windows\system32\url.dll 2012-08-24 10:17 . 2012-09-25 15:01 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-08-24 10:14 . 2012-09-25 15:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 10:14 . 2012-09-25 15:01 816640 ----a-w- c:\windows\system32\jscript.dll 2012-08-24 10:13 . 2012-09-25 15:01 599040 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 10:12 . 2012-09-25 15:01 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-08-24 10:11 . 2012-09-25 15:01 729088 ----a-w- c:\windows\system32\msfeeds.dll 2012-08-24 10:10 . 2012-09-25 15:01 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-08-24 10:09 . 2012-09-25 15:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-08-24 10:04 . 2012-09-25 15:01 248320 ----a-w- c:\windows\system32\ieui.dll 2012-08-24 06:59 . 2012-09-25 15:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-08-24 06:51 . 2012-09-25 15:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-08-24 06:51 . 2012-09-25 15:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-08-24 06:47 . 2012-09-25 15:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-08-24 06:47 . 2012-09-25 15:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-08-24 06:43 . 2012-09-25 15:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-08-22 18:12 . 2012-09-12 17:10 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 17:10 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 17:10 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 17:10 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-20 17:38 . 2012-10-10 16:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-02 17:58 . 2012-09-12 17:10 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 17:10 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] 2012-09-20 20:06 87448 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-09-20 87448] . [HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 94208 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X] "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-01 1374720] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-11-16 2463744] "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-08-08 540056] . c:\users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Hotkey.lnk - c:\program files (x86)\Hotkey\Hotkey.exe [2012-3-17 4729344] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service] @="Ad-Aware Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-26 250808] R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-02-17 276248] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-16 1432400] R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-11-04 114304] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x] R3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [2009-07-31 25600] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-18 1255736] S0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056] S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-09-20 1236368] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448] S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-02-07 128280] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856] S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe [2011-02-18 35328] S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032] S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-07 363800] S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-11-16 9216] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-12-05 196904] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-11-04 133632] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264] S3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120] S3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-12-22 876136] S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-26 06:58] . 2012-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600737594-1630505132-1445678362-1000Core.job - c:\users\Michel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-12 17:26] . 2012-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600737594-1630505132-1445678362-1000UA.job - c:\users\Michel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-12 17:26] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-15 00:32 97792 ----a-w- c:\users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-17 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-17 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-17 440600] "CECAPLF"="c:\program files (x86)\ChiconyCam\CECAPLF.exe" [2011-07-06 121456] "THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=60FB099F6D1CA4062D979B508A237F4E mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 62.140.140.251 62.140.138.233 . - - - - ORPHANS VERWIJDERD - - - - . HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe . ************************************************************************** . Voltooingstijd: 2012-10-26 15:04:49 - machine werd herstart ComboFix-quarantined-files.txt 2012-10-26 13:04 . Pre-Run: 72.293.470.208 bytes beschikbaar Post-Run: 72.304.041.984 bytes beschikbaar . - - End Of File - - FC8BD5D49453D5BA6EB475D0B791A598

Alleen als ik alles 'als administator open' dan kan ik m'n programma's gebruiken.

Heb dat gedaan, PC startte opnieuw op maar nu kan ik helemaal niks meer. Krijg bij elk programma dat ik wil openen een foutmelding. "Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleitel die is gemarkeerd voor verwijdering" Wat nu? Heb dit gepost via mijn telefoon omdat m'n laptop niks meer kan draaien.

Precies hetzelfde, krijg na het opstarten van Google Chrome een flits van mijn startpagina en daarna direct about:blank te zien.

Heb ADW Cleaner gebruikt, dit is de Log file die ik kreeg. # AdwCleaner v2.005 - Verslag gemaakt op 26/10/2012 om 14:15:15 # Geactualiseerd op 14/10/2012 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Michel - MRMICHEL # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Michel\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\user.js Map Verwijdert : C:\ProgramData\blekko toolbars Map Verwijdert : C:\Users\Michel\AppData\LocalLow\Softonic ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v22.0.1229.94 File : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijdert [l.48] : keyword = "blekko", ************************* AdwCleaner[s1].txt - [1455 octets] - [26/10/2012 14:15:15] ########## EOF - C:\AdwCleaner[s1].txt - [1515 octets] ##########

Heb Malwarebytes eroverheen gegooit, eerst snelle scan wat geen resultaat opleverde. Daarna volledige scan maar dat levert ook niks op. Chrome werkt nog steeds niet, wat nu? Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.10.26.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Michel :: MRMICHEL [administrator] Realtime bescherming: Ingeschakeld 26-10-2012 11:42:34 mbam-log-2012-10-26 (11-42-34).txt Scantype: Volledige scan (C:\|D:\|E:\|F:\|) Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 428158 Verstreken tijd: 54 minuut/minuten, 39 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

Goedendag, Na opstarten van Google Chrome krijg ik na een seconde de pagina te zien gelijk About:Blank. Heb al een virusscanner eroverheen gegooid. AD Aware ook geprobeert maar dat baat ook niet, heb even gegoogled naar mensen met hetzelfde probleem en toen kwam ik al terecht bij het bekende HiJackThis. Heb hieronder mijn logfile geplaatst. Ik hoop dat jullie mij hiermee kunnen helpen. Alvast bedankt, hieronder mijn log. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:58:53, on 26-10-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\ChiconyCam\CECAPLF.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Hotkey\Hotkey.exe C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\ProgramData\FLEXnet\Connect\11\agent.exe C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R74NRARW\Adaware_Installer.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Program Files (x86)\adawaretb\ffHelper.exe C:\PROGRA~2\AD-AWA~1\AdAware.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Users\Michel\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Lavasoft R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run O4 - HKCU\..\Run: [Google Update] "C:\Users\Michel\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-3600737594-1630505132-1445678362-1000\..\Run: [Google Update] "C:\Users\Michel\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User '?') O4 - HKUS\S-1-5-21-3600737594-1630505132-1445678362-1000\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f (User '?') O4 - HKUS\S-1-5-21-3600737594-1630505132-1445678362-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-21-3600737594-1630505132-1445678362-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - S-1-5-21-3600737594-1630505132-1445678362-1000 Startup: Dropbox.lnk = C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - Startup: Dropbox.lnk = C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Michel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13652 bytes