Ga naar inhoud

MikeSchellaars

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    6

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door MikeSchellaars

  1. MikeSchellaars
    Ik kan het nog steeds niet achter het probleem komen heb zo wat alles gedaan maar blijf maar terug komen nu krijg ik deze melding te zien eerst kreeg ik het niet mischien help het idk
  2. MikeSchellaars
    nog steeds het zelfde
  3. MikeSchellaars
    ComboFix 12-12-19.01 - Mike 19-12-2012 18:19:36.4.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6049.4478 [GMT 1:00] Gestart vanuit: c:\users\Mike\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\Mike\Desktop\CFScript..txt AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50b cd2c768e85.com" "c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com" "c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com .xpi" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\TornTV.com . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))) . . 2012-12-19 17:27 . 2012-12-19 17:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-12-19 17:27 . 2012-12-19 17:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-18 19:43 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76252772-5675-4F19-A8D8-08DDBE610245}\mpengine.dll 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\programdata\Malwarebytes 2012-12-17 19:45 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-12 19:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 19:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-12-12 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll 2012-12-12 16:33 . 2012-12-12 16:33 -------- d-----w- c:\users\Mike\AppData\Local\Adobe 2012-12-12 16:32 . 2012-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-12-04 12:20 . 2012-12-17 19:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-12-04 12:20 . 2012-12-12 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-12-04 12:15 . 2012-12-12 17:55 -------- d-----w- c:\program files (x86)\F-Secure 2012-12-04 12:11 . 2012-12-04 12:15 -------- d-----w- c:\programdata\F-Secure 2012-11-29 20:57 . 2012-12-04 09:21 -------- d-----w- c:\program files (x86)\GoforFiles 2012-11-29 20:57 . 2012-11-29 20:57 -------- d-----w- c:\users\Mike\AppData\Roaming\GoforFiles 2012-11-28 17:41 . 2012-11-28 17:42 -------- d-----w- c:\users\Mike\AppData\Local\DownTango 2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\Red Sky 2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab 2012-11-19 18:42 . 2012-12-03 14:53 -------- d-----r- c:\users\Mike\Dropbox 2012-11-19 17:48 . 2012-12-17 18:46 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-19 17:12 . 2012-09-03 04:16 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-12-13 15:58 . 2012-09-07 04:21 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-11-09 08:39 . 2012-11-09 08:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-09 08:39 . 2012-11-08 09:09 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-11-09 08:39 . 2012-11-08 09:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-05 19:09 . 2012-11-05 19:09 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2012-10-16 08:38 . 2012-11-27 23:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-27 23:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-27 23:22 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll 2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe 2012-10-10 01:22 . 2012-10-10 01:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-10-10 01:22 . 2012-10-10 01:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-10-10 01:22 . 2011-07-12 03:29 12836864 ----a-w- c:\windows\system32\igd10umd64.dll 2012-10-10 01:22 . 2011-07-12 03:29 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-10-10 01:22 . 2011-07-12 03:29 12604416 ----a-w- c:\windows\system32\igdumd64.dll 2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll 2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe 2012-10-10 01:22 . 2012-10-10 01:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin 2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll 2012-10-10 01:22 . 2011-07-12 03:29 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-10-10 01:22 . 2011-07-12 03:29 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe 2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-10-10 01:22 . 2012-10-10 01:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll 2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe 2012-10-10 01:22 . 2011-07-12 03:29 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-10-10 01:22 . 2012-10-10 01:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin 2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll 2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll 2012-10-10 01:22 . 2012-10-10 01:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe 2012-10-10 01:22 . 2011-07-12 03:29 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-10-09 18:17 . 2012-11-15 05:11 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 05:11 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 05:11 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 05:11 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-10-09 16:09 . 2012-09-03 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-09 16:09 . 2012-09-03 08:37 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 15:35 . 2012-09-03 04:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2012-10-09 15:35 . 2012-09-03 04:14 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-08 10:42 . 2012-09-03 03:52 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-05 1255736] R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x] R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520] R4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400] R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912] R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R4 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488] R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-05 30568] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe [2012-10-19 183864] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-05 711112] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136] . . Inhoud van de 'Gedeelde Taken' map . 2012-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 16:09] . 2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001Core.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04] . 2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001UA.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04] . 2012-12-19 c:\windows\Tasks\SDMsgUpdate (TE).job - c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-09-18 18:22] . 2012-12-19 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2012-09-16 18:44] . 2012-12-19 c:\windows\Tasks\spmonitor.job - c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-16 18:44] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552] "snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 192.168.2.254 192.168.50.1 FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://google.nl/ FF - ExtSQL: 2012-11-28 18:47; torntv@torntv.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com.xpi FF - ExtSQL: 2012-12-03 17:26; 50bcd2c768e4c@50bcd2c768e85.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50bcd2c768e85.com . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) AddRemove-1ClickDownload - c:\program files (x86)\TornTV.com\uninst.exe AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster] "ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected] @Denied: ) (Everyone) "AgentIdentifier"="" "AuthorizationCode"="" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-19 18:29:04 ComboFix-quarantined-files.txt 2012-12-19 17:29 ComboFix2.txt 2012-12-19 14:11 ComboFix3.txt 2012-12-19 12:23 ComboFix4.txt 2012-12-19 12:06 . Pre-Run: 369.450.672.128 bytes beschikbaar Post-Run: 369.762.684.928 bytes beschikbaar . - - End Of File - - 254CD0B14720F000F711AF637B81F8D9
  4. MikeSchellaars
    ComboFix 12-12-19.01 - Mike 19-12-2012 14:59:58.3.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6049.4470 [GMT 1:00] Gestart vanuit: c:\users\Mike\Downloads\ComboFix.exe AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml c:\windows\msvcr71.dll c:\windows\wininit.ini . Besmet exemplaar van c:\windows\SysWow64\userinit.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\windows\erdnt\cache86\userinit.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))) . . 2012-12-19 14:06 . 2012-12-19 14:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-12-19 14:06 . 2012-12-19 14:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-18 19:43 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76252772-5675-4F19-A8D8-08DDBE610245}\mpengine.dll 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\programdata\Malwarebytes 2012-12-17 19:45 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-12 19:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 19:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-12-12 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll 2012-12-12 16:33 . 2012-12-12 16:33 -------- d-----w- c:\users\Mike\AppData\Local\Adobe 2012-12-12 16:32 . 2012-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-12-04 12:20 . 2012-12-17 19:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-12-04 12:20 . 2012-12-12 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-12-04 12:15 . 2012-12-12 17:55 -------- d-----w- c:\program files (x86)\F-Secure 2012-12-04 12:11 . 2012-12-04 12:15 -------- d-----w- c:\programdata\F-Secure 2012-11-29 20:57 . 2012-12-04 09:21 -------- d-----w- c:\program files (x86)\GoforFiles 2012-11-29 20:57 . 2012-11-29 20:57 -------- d-----w- c:\users\Mike\AppData\Roaming\GoforFiles 2012-11-28 17:47 . 2012-12-04 20:00 -------- d-----w- c:\program files (x86)\TornTV.com 2012-11-28 17:41 . 2012-11-28 17:42 -------- d-----w- c:\users\Mike\AppData\Local\DownTango 2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\Red Sky 2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab 2012-11-19 18:42 . 2012-12-03 14:53 -------- d-----r- c:\users\Mike\Dropbox 2012-11-19 17:48 . 2012-12-17 18:46 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-19 14:07 . 2012-09-03 04:16 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-12-13 15:58 . 2012-09-07 04:21 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-11-09 08:39 . 2012-11-09 08:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-09 08:39 . 2012-11-08 09:09 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-11-09 08:39 . 2012-11-08 09:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-05 19:09 . 2012-11-05 19:09 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2012-10-16 08:38 . 2012-11-27 23:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-27 23:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-27 23:22 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll 2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe 2012-10-10 01:22 . 2012-10-10 01:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-10-10 01:22 . 2012-10-10 01:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-10-10 01:22 . 2011-07-12 03:29 12836864 ----a-w- c:\windows\system32\igd10umd64.dll 2012-10-10 01:22 . 2011-07-12 03:29 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-10-10 01:22 . 2011-07-12 03:29 12604416 ----a-w- c:\windows\system32\igdumd64.dll 2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll 2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe 2012-10-10 01:22 . 2012-10-10 01:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin 2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll 2012-10-10 01:22 . 2011-07-12 03:29 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-10-10 01:22 . 2011-07-12 03:29 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe 2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-10-10 01:22 . 2012-10-10 01:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll 2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe 2012-10-10 01:22 . 2011-07-12 03:29 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-10-10 01:22 . 2012-10-10 01:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin 2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll 2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll 2012-10-10 01:22 . 2012-10-10 01:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe 2012-10-10 01:22 . 2011-07-12 03:29 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-10-09 18:17 . 2012-11-15 05:11 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 05:11 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 05:11 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 05:11 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-10-09 16:09 . 2012-09-03 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-09 16:09 . 2012-09-03 08:37 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 15:35 . 2012-09-03 04:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2012-10-09 15:35 . 2012-09-03 04:14 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-08 10:42 . 2012-09-03 03:52 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-05 1255736] R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x] R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520] R4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400] R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912] R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R4 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488] R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-05 30568] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe [2012-10-19 183864] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-05 711112] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136] . . Inhoud van de 'Gedeelde Taken' map . 2012-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 16:09] . 2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001Core.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04] . 2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001UA.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04] . 2012-12-19 c:\windows\Tasks\SDMsgUpdate (TE).job - c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-09-18 18:22] . 2012-12-19 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2012-09-16 18:44] . 2012-12-19 c:\windows\Tasks\spmonitor.job - c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-16 18:44] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552] "snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 10.0.104.10 10.0.104.12 10.0.104.13 FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://google.nl/ FF - ExtSQL: 2012-11-05 20:09; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5 FF - ExtSQL: 2012-11-28 18:47; torntv@torntv.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com.xpi FF - ExtSQL: 2012-12-03 17:26; 50bcd2c768e4c@50bcd2c768e85.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50bcd2c768e85.com FF - ExtSQL: 2012-12-04 20:58; plugin@yontoo.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) AddRemove-1ClickDownload - c:\program files (x86)\TornTV.com\uninst.exe AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster] "ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected] @Denied: ) (Everyone) "AgentIdentifier"="" "AuthorizationCode"="" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe . ************************************************************************** . Voltooingstijd: 2012-12-19 15:11:16 - machine werd herstart ComboFix-quarantined-files.txt 2012-12-19 14:11 ComboFix2.txt 2012-12-19 12:23 ComboFix3.txt 2012-12-19 12:06 . Pre-Run: 370.554.982.400 bytes beschikbaar Post-Run: 370.468.159.488 bytes beschikbaar . - - End Of File - - FEEAB525FA6E8237E985589FFB09CA08 # AdwCleaner v2.101 - Verslag gemaakt op 19/12/2012 om 14:55:24 # Geactualiseerd op 16/12/2012 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Mike - MIKE-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Mike\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** Gestopt & Verwijdert : Browser Manager Gestopt & Verwijdert : Web Assistant Updater ***** [Files / Mappen] ***** File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml File Verwijdert : C:\user.js File Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\bprotector_extensions.sqlite File Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\bprotector_prefs.js File Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\searchplugins\mngr.xml Map Verwijdert : C:\Program Files (x86)\AVG Secure Search Map Verwijdert : C:\Program Files (x86)\Conduit Map Verwijdert : C:\Program Files (x86)\FilesFrog Update Checker Map Verwijdert : C:\Program Files (x86)\MocaFlix Map Verwijdert : C:\Program Files (x86)\Perion Map Verwijdert : C:\Program Files\Web Assistant Map Verwijdert : C:\ProgramData\Anti-phishing Domain Advisor Map Verwijdert : C:\ProgramData\AVG Secure Search Map Verwijdert : C:\ProgramData\blekko toolbars Map Verwijdert : C:\ProgramData\Browser Manager Map Verwijdert : C:\ProgramData\InstallMate Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs Map Verwijdert : C:\ProgramData\Partner Map Verwijdert : C:\ProgramData\Premium Map Verwijdert : C:\ProgramData\SaveAs Map Verwijdert : C:\ProgramData\Tarma Installer Map Verwijdert : C:\Users\Mike\AppData\Local\AVG Secure Search Map Verwijdert : C:\Users\Mike\AppData\Local\Conduit Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohd****efph Map Verwijdert : C:\Users\Mike\AppData\LocalLow\AVG Secure Search Map Verwijdert : C:\Users\Mike\AppData\LocalLow\BabylonToolbar Map Verwijdert : C:\Users\Mike\AppData\LocalLow\Conduit Map Verwijdert : C:\Users\Mike\AppData\LocalLow\SaveAs Map Verwijdert : C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\CT2849859 Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591} Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\Smartbar Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AVG Secure Search Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Somoto Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Sleutel Verwijdert : HKLM\Software\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\b Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2849859 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\Iminent Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijdert : HKLM\Software\Web Assistant Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e4eb48d Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijdert : HKLM\SOFTWARE\Web Assistant Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}] Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v17.0.1 (en-US) Profielnaam : default File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\prefs.js C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\user.js ... Verwijdert ! Verwijdert : user_pref("CT2849859.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2849859.FirstTime", "true"); Verwijdert : user_pref("CT2849859.FirstTimeFF3", "true"); Verwijdert : user_pref("CT2849859.RevertSettingsEnabled", true); Verwijdert : user_pref("CT2849859.UserID", "UN85796985077481378"); Verwijdert : user_pref("CT2849859.fixUrls", true); Verwijdert : user_pref("CT2849859.isCheckedStartAsHidden", true); Verwijdert : user_pref("CT2849859.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2849859.isFirstTimeToolbarLoading", "false"); Verwijdert : user_pref("CT2849859.isPerformedSmartBarTransition", "true"); Verwijdert : user_pref("CT2849859.migrateAppsAndComponents", true); Verwijdert : user_pref("CT2849859.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Verwijdert : user_pref("CT2849859.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2849859.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2849859.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Verwijdert : user_pref("CT2849859.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Verwijdert : user_pref("CT2849859.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1353325013717"); Verwijdert : user_pref("CT2849859.serviceLayer_services_appsMetadata_lastUpdate", "1353324800329"); Verwijdert : user_pref("CT2849859.serviceLayer_services_clientErrorLog_lastUpdate", "1353333986162"); Verwijdert : user_pref("CT2849859.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1353324893521"); Verwijdert : user_pref("CT2849859.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1353324893626"); Verwijdert : user_pref("CT2849859.serviceLayer_services_searchAPI_lastUpdate", "1353324893714"); Verwijdert : user_pref("CT2849859.serviceLayer_services_serviceMap_lastUpdate", "1355904373395"); Verwijdert : user_pref("CT2849859.serviceLayer_services_toolbarContextMenu_lastUpdate", "1353324893495"); Verwijdert : user_pref("CT2849859.serviceLayer_services_toolbarSettings_lastUpdate", "1355920050081"); Verwijdert : user_pref("CT2849859.serviceLayer_services_translation_lastUpdate", "1355904376671"); Verwijdert : user_pref("CT2849859.settingsINI", true); Verwijdert : user_pref("CT2849859.smartbar.CTID", "CT2849859"); Verwijdert : user_pref("CT2849859.smartbar.Uninstall", "0"); Verwijdert : user_pref("CT2849859.smartbar.isHidden", true); Verwijdert : user_pref("CT2849859.smartbar.toolbarName", "BittorrentBar_NL "); Verwijdert : user_pref("CT2849859.startPage", "userChanged"); Verwijdert : user_pref("CT2849859.toolbarBornServerTime", "19-11-2012"); Verwijdert : user_pref("CT2849859.toolbarCurrentServerTime", "19-11-2012"); Verwijdert : user_pref("CT2849859_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Verwijdert : user_pref("aol_toolbar.default.homepage.check", false); Verwijdert : user_pref("aol_toolbar.default.search.check", false); Verwijdert : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\13.2.0.5"); Verwijdert : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=109220&tt=4912_8&babsrc=NT_ss&mntr[...] Verwijdert : user_pref("browser.search.defaultenginename", "WebSearch"); Verwijdert : user_pref("browser.search.defaultenginename,S", "WebSearch"); Verwijdert : user_pref("browser.search.defaultthis.engineName", "WebSearch"); Verwijdert : user_pref("browser.search.defaulturl", "hxxp://websearch.mocaflix.com/?l=1&q="); Verwijdert : user_pref("browser.search.order.1", "WebSearch"); Verwijdert : user_pref("browser.search.order.1,S", "WebSearch"); Verwijdert : user_pref("browser.search.selectedEngine,S", "WebSearch"); Verwijdert : user_pref("extensions.50bcd2c768ef8.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...] Verwijdert : user_pref("extensions.BabylonToolbar.admin", false); Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Verwijdert : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Verwijdert : user_pref("extensions.BabylonToolbar.autoRvrt", "false"); Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", "10"); Verwijdert : user_pref("extensions.BabylonToolbar.cntry", "NL"); Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Verwijdert : user_pref("extensions.BabylonToolbar.dpkLst", ""); Verwijdert : user_pref("extensions.BabylonToolbar.excTlbr", false); Verwijdert : user_pref("extensions.BabylonToolbar.hdrMd5", "54DB6BA63E7B7D635D6C967693C89A8E"); Verwijdert : user_pref("extensions.BabylonToolbar.id", "98be2cd90000000000005404a61f5d88"); Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15678"); Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Verwijdert : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"59\",\"lastVrsn\":\"59\",\"vrsnLoad\[...] Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0); Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Verwijdert : user_pref("extensions.BabylonToolbar.rvrt", "false"); Verwijdert : user_pref("extensions.BabylonToolbar.sg", "azb"); Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "azb"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.8.4.9"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsni", "1.8.4.9"); Verwijdert : user_pref("extensions.BabylonToolbar_i.babExt", ""); Verwijdert : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=4912_8"); Verwijdert : user_pref("extensions.BabylonToolbar_i.excTlbr", false); Verwijdert : user_pref("extensions.BabylonToolbar_i.newTab", false); Verwijdert : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109220&tt=4812_[...] Verwijdert : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Verwijdert : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Verwijdert : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.4.920:58:18"); Verwijdert : user_pref("extensions.incredibar.actvtyRptTime", "1354184343347"); Verwijdert : user_pref("extensions.incredibar.admin", false); Verwijdert : user_pref("extensions.incredibar.aflt", "orgnl"); Verwijdert : user_pref("extensions.incredibar.afterInstallRpt", "sent"); Verwijdert : user_pref("extensions.incredibar.cntry", "NL"); Verwijdert : user_pref("extensions.incredibar.dfltlng", "EN"); Verwijdert : user_pref("extensions.incredibar.dfltsrch", "false"); Verwijdert : user_pref("extensions.incredibar.did", "10671"); Verwijdert : user_pref("extensions.incredibar.envrmnt", "production"); Verwijdert : user_pref("extensions.incredibar.excTlbr", false); Verwijdert : user_pref("extensions.incredibar.hdrMd5", "51E3A2FAA72593ADA129E9358487B9F7"); Verwijdert : user_pref("extensions.incredibar.hmpg", false); Verwijdert : user_pref("extensions.incredibar.hrdid", "98be2cd90000000000005404a61f5d88"); Verwijdert : user_pref("extensions.incredibar.id", "98be2cd90000000000005404a61f5d88"); Verwijdert : user_pref("extensions.incredibar.installerproductid", "26"); Verwijdert : user_pref("extensions.incredibar.instlday", "15599"); Verwijdert : user_pref("extensions.incredibar.instlref", ""); Verwijdert : user_pref("extensions.incredibar.isdcmntcmplt", "false"); Verwijdert : user_pref("extensions.incredibar.keywordurl", ""); Verwijdert : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:29:52"); Verwijdert : user_pref("extensions.incredibar.mntrvrsn", "1.2.0"); Verwijdert : user_pref("extensions.incredibar.newtab", "false"); Verwijdert : user_pref("extensions.incredibar.newtaburl", ""); Verwijdert : user_pref("extensions.incredibar.noFFXTlbr", false); Verwijdert : user_pref("extensions.incredibar.ppd", "7777743"); Verwijdert : user_pref("extensions.incredibar.prdct", "incredibar"); Verwijdert : user_pref("extensions.incredibar.productid", "26"); Verwijdert : user_pref("extensions.incredibar.prtnrid", "Incredibar"); Verwijdert : user_pref("extensions.incredibar.sg", "none"); Verwijdert : user_pref("extensions.incredibar.smplgrp", "none"); Verwijdert : user_pref("extensions.incredibar.srch", ""); Verwijdert : user_pref("extensions.incredibar.srchprvdr", ""); Verwijdert : user_pref("extensions.incredibar.tlbrid", "base"); Verwijdert : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyOixHaUC&loc=IB_T[...] Verwijdert : user_pref("extensions.incredibar.upn2", "6OyOixHaUC"); Verwijdert : user_pref("extensions.incredibar.upn2n", "92262116453516502"); Verwijdert : user_pref("extensions.incredibar.vrsn", "1.5.11.14"); Verwijdert : user_pref("extensions.incredibar.vrsni", "1.5.11.14"); Verwijdert : user_pref("extensions.incredibar.vrsnts", "1.5.11.1415:29:52"); Verwijdert : user_pref("extensions.incredibar_i.aflt", "orgnl"); Verwijdert : user_pref("extensions.incredibar_i.dfltLng", ""); Verwijdert : user_pref("extensions.incredibar_i.did", "10671"); Verwijdert : user_pref("extensions.incredibar_i.excTlbr", false); Verwijdert : user_pref("extensions.incredibar_i.id", "98be2cd90000000000005404a61f5d88"); Verwijdert : user_pref("extensions.incredibar_i.installerproductid", "26"); Verwijdert : user_pref("extensions.incredibar_i.instlDay", "15599"); Verwijdert : user_pref("extensions.incredibar_i.instlRef", ""); Verwijdert : user_pref("extensions.incredibar_i.ms_url_id", ""); Verwijdert : user_pref("extensions.incredibar_i.newTab", false); Verwijdert : user_pref("extensions.incredibar_i.ppd", "7777743"); Verwijdert : user_pref("extensions.incredibar_i.prdct", "incredibar"); Verwijdert : user_pref("extensions.incredibar_i.productid", "26"); Verwijdert : user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); Verwijdert : user_pref("extensions.incredibar_i.smplGrp", "none"); Verwijdert : user_pref("extensions.incredibar_i.tlbrId", "base"); Verwijdert : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyOixHaUC&loc=IB[...] Verwijdert : user_pref("extensions.incredibar_i.upn2", "6OyOixHaUC"); Verwijdert : user_pref("extensions.incredibar_i.upn2n", "92262116453516502"); Verwijdert : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); Verwijdert : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:29:52"); Verwijdert : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); Verwijdert : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B9f8edb98-7e0f-4016-b856-92139e8692c6%[...] Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch"); Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch"); Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.mocaflix.com/"); Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.mocaflix.com/?l=1&q="); Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*"); Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "false"); Verwijdert : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://isearch.avg.com/[...] Verwijdert : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.[...] Verwijdert : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...] -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [26622 octets] - [19/12/2012 14:55:24] ########## EOF - C:\AdwCleaner[s1].txt - [26683 octets] ##########
  5. MikeSchellaars
    Ok heb het verwijdert hier zijn de combofix files ComboFix 12-12-19.01 - Mike 19-12-2012 13:15:11.2.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6049.4452 [GMT 1:00] Gestart vanuit: c:\users\Mike\Downloads\ComboFix.exe AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))) . . 2012-12-19 12:21 . 2012-12-19 12:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-12-19 12:21 . 2012-12-19 12:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-18 19:43 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76252772-5675-4F19-A8D8-08DDBE610245}\mpengine.dll 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\programdata\Malwarebytes 2012-12-17 19:45 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-12 19:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-12 19:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-12-12 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-12-12 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll 2012-12-12 16:33 . 2012-12-12 16:33 -------- d-----w- c:\users\Mike\AppData\Local\Adobe 2012-12-12 16:32 . 2012-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-12-04 19:58 . 2012-12-07 02:46 -------- d-----w- c:\programdata\Browser Manager 2012-12-04 12:20 . 2012-12-17 19:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-12-04 12:20 . 2012-12-12 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-12-04 12:15 . 2012-12-12 17:55 -------- d-----w- c:\program files (x86)\F-Secure 2012-12-04 12:11 . 2012-12-04 12:15 -------- d-----w- c:\programdata\F-Secure 2012-12-03 16:12 . 2012-12-03 16:12 -------- d-----w- c:\program files (x86)\MocaFlix 2012-12-03 16:12 . 2012-12-03 16:12 -------- d-----w- c:\programdata\Premium 2012-12-03 16:12 . 2012-12-18 10:46 -------- d-----w- c:\programdata\SaveAs 2012-12-03 16:11 . 2012-12-03 16:13 -------- d-----w- c:\programdata\InstallMate 2012-11-29 20:57 . 2012-12-04 09:21 -------- d-----w- c:\program files (x86)\GoforFiles 2012-11-29 20:57 . 2012-11-29 20:57 -------- d-----w- c:\users\Mike\AppData\Roaming\GoforFiles 2012-11-28 17:47 . 2012-12-10 10:55 -------- d-----w- c:\programdata\Tarma Installer 2012-11-28 17:47 . 2012-12-04 20:00 -------- d-----w- c:\program files (x86)\TornTV.com 2012-11-28 17:41 . 2012-11-28 17:42 -------- d-----w- c:\users\Mike\AppData\Local\DownTango 2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\Red Sky 2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab 2012-11-19 18:42 . 2012-12-03 14:53 -------- d-----r- c:\users\Mike\Dropbox 2012-11-19 17:48 . 2012-12-17 18:46 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox 2012-11-19 14:01 . 2012-11-19 14:01 -------- d-----w- C:\found.000 . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-19 12:11 . 2012-09-03 04:16 45056 ----a-w- c:\windows\system32\acovcnt.exe 2012-12-13 15:58 . 2012-09-07 04:21 67413224 ----a-w- c:\windows\system32\MRT.exe 2012-11-09 08:39 . 2012-11-09 08:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-09 08:39 . 2012-11-08 09:09 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-11-09 08:39 . 2012-11-08 09:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-05 19:09 . 2012-11-05 19:09 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2012-10-16 08:38 . 2012-11-27 23:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-27 23:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-27 23:22 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll 2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe 2012-10-10 01:22 . 2012-10-10 01:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-10-10 01:22 . 2012-10-10 01:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-10-10 01:22 . 2011-07-12 03:29 12836864 ----a-w- c:\windows\system32\igd10umd64.dll 2012-10-10 01:22 . 2011-07-12 03:29 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-10-10 01:22 . 2011-07-12 03:29 12604416 ----a-w- c:\windows\system32\igdumd64.dll 2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll 2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe 2012-10-10 01:22 . 2012-10-10 01:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin 2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll 2012-10-10 01:22 . 2011-07-12 03:29 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-10-10 01:22 . 2011-07-12 03:29 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe 2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-10-10 01:22 . 2012-10-10 01:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll 2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe 2012-10-10 01:22 . 2011-07-12 03:29 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-10-10 01:22 . 2012-10-10 01:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin 2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll 2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll 2012-10-10 01:22 . 2012-10-10 01:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe 2012-10-10 01:22 . 2011-07-12 03:29 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-10-09 18:17 . 2012-11-15 05:11 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-15 05:11 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-15 05:11 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-15 05:11 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-10-09 16:09 . 2012-09-03 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-09 16:09 . 2012-09-03 08:37 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 15:35 . 2012-09-03 04:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2012-10-09 15:35 . 2012-09-03 04:14 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-08 10:42 . 2012-09-03 03:52 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "midi2"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-05 1255736] R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x] R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520] R4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400] R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912] R4 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-05 2403352] R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R4 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488] R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312] R4 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-08-28 188760] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-05 30568] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe [2012-10-19 183864] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-05 711112] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832] S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592] S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136] . . Inhoud van de 'Gedeelde Taken' map . 2012-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 16:09] . 2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001Core.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04] . 2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001UA.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04] . 2012-12-19 c:\windows\Tasks\SDMsgUpdate (TE).job - c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-09-18 18:22] . 2012-12-19 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2012-09-16 18:44] . 2012-12-19 c:\windows\Tasks\spmonitor.job - c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-16 18:44] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552] "snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm TCP: DhcpNameServer = 10.0.104.10 10.0.104.12 10.0.104.13 FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\ FF - prefs.js: browser.search.defaulturl - hxxp://websearch.mocaflix.com/?l=1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://google.nl/ FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B9f8edb98-7e0f-4016-b856-92139e8692c6%7D&mid=&ds=&v=13.2.0.5〈=&pr=&d=2012-11-19%2012%3A32%3A51&sap=ku&q= FF - ExtSQL: 2012-11-05 20:09; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5 FF - ExtSQL: 2012-11-28 18:47; torntv@torntv.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com.xpi FF - ExtSQL: 2012-12-03 17:26; 50bcd2c768e4c@50bcd2c768e85.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50bcd2c768e85.com FF - ExtSQL: 2012-12-04 20:58; plugin@yontoo.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyOixHaUC&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 98be2cd90000000000005404a61f5d88 FF - user.js: extensions.incredibar_i.instlDay - 15599 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1415:29 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OyOixHaUC FF - user.js: extensions.incredibar_i.upn2n - 92262116453516502 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10671 FF - user.js: extensions.incredibar_i.ppd - 7777743 FF - user.js: extentions.y2layers.installId - f85293e5-0d7b-403f-9963-8849c7766698 FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=98be2cd90000000000005404a61f5d88&q= FF - user.js: extensions.BabylonToolbar.id - 98be2cd90000000000005404a61f5d88 FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15678 FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9 FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.920:58 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar_i.excTlbr - false FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109220&tt=4912_8 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.autoRvrt - false FF - user.js: extensions.BabylonToolbar.rvrt - false FF - user.js: extensions.BabylonToolbar_i.newTab - false . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) AddRemove-1ClickDownload - c:\program files (x86)\TornTV.com\uninst.exe AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster] "ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected] @Denied: ) (Everyone) "AgentIdentifier"="" "AuthorizationCode"="" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-19 13:23:37 ComboFix-quarantined-files.txt 2012-12-19 12:23 ComboFix2.txt 2012-12-19 12:06 . Pre-Run: 370.777.161.728 bytes beschikbaar Post-Run: 370.476.658.688 bytes beschikbaar . - - End Of File - - F58A2417639174E43F791CC3CC85DC97
  6. MikeSchellaars
    Ik heb al paar dagen laast van Windows Verkenner fout , heb alles al geprobeert van mogelijkheiden die der zijn en kom er niet meer uit. Wat heb ik al gebrijkt : malware , Hijack , herstel enz. Mischien kunnen jullie wel iets vinden denk dat Baylon het probleem is maar die krijg ik er niet uit hij komt steeds terug . Hier onder heb ik me HiJackThis Files mischien hebben jullie meer zicht der op wat der fout is. Mvg Mike Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:55:58, on 18-12-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\vsnp2uvc.exe C:\Users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe C:\Users\Mike\Downloads\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O4 - HKUS\S-1-5-21-2353280605-2388377470-476608550-1000\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser') O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\fshoster32.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7455 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.