Mkkl

Ik merk wel dat mijn iTunes 11 nogal stottert en kraakt (soort lag) maar dit kan ook aan iTunes zelf liggen natuurlijk. Ik merk dat 11 wel wat trager gaat dan 10, ik heb ooit zoiets eerder gehad met een andere audio programma en toen moest ik een beetje met cache geheugen *****n ofzo. Maar ik weetniet of het handig is om daarmee verder te gaan in dit topic...

Het gaat tot nu toe prima. Maar heb hem ook nog niet echt zwaar onder druk gezet. Kan je mij vertellen waar het aan lag, hoe het is opgelost en hoe ik dit kan voorkomen in de toekomst?

De eerste keer toen ik CFScript.tct in de snelkoppeling sleepte stond er Toegang geweigerd, dat kwam waarschijnlijk omdat ik AVG nog aan had staan. Die heb ik toen uitgezet en toen deed hij het wel, alleen gebeurde er iets raars nadat mijn laptop opnieuw opstartte. Ik kon geen programa's meer openen. Geen iTunes, geen Chrome, geen Firefox geen IE en geen Kladblok. Ik kreeg een soort foutmelding dat een registersleutel was verplaatst of verwijderd of iets dergelijks. Toen heb ik de laptop opnieuw opgestart en deed hij het wel. Hier is de log: ComboFix 13-01-11.02 - Michiel 12-01-2013 11:49:08.2.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3070.2033 [GMT 1:00] Gestart vanuit: c:\users\Michiel.MichielsPC\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Michiel.MichielsPC\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\_ctypes.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\_elementtree.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\_hashlib.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\_socket.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\_ssl.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\pyexpat.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\pysqlite2._sqlite.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\python26.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\pythoncom26.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\PyWinTypes26.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\select.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\unicodedata.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32api.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32com.shell.shell.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32crypt.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32event.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32file.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32inet.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32pdh.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32process.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32profile.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32security.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\win32ts.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\windows._cacheinvalidation.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._controls_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._core_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._gdi_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._html2.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._misc_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._windows_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wx._wizard.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wxbase293u_net_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wxbase293u_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wxmsw293u_adv_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wxmsw293u_core_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wxmsw293u_html_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI37162\wxmsw293u_webview_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\_ctypes.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\_elementtree.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\_hashlib.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\_socket.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\_ssl.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\pyexpat.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\pysqlite2._sqlite.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\python26.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\pythoncom26.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\PyWinTypes26.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\select.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\unicodedata.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32api.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32com.shell.shell.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32crypt.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32event.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32file.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32inet.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32pdh.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32process.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32profile.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32security.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\win32ts.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\windows._cacheinvalidation.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._controls_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._core_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._gdi_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._html2.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._misc_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._windows_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wx._wizard.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wxbase293u_net_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wxbase293u_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wxmsw293u_adv_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wxmsw293u_core_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wxmsw293u_html_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI37162\wxmsw293u_webview_vc.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2012-12-12 to 2013-01-12 )))))))))))))))))))))))))))))) . . 2013-01-12 11:03 . 2013-01-12 11:03 -------- d-----w- c:\users\Michiel\AppData\Local\temp 2013-01-12 11:03 . 2013-01-12 11:03 -------- d-----w- c:\users\Gast\AppData\Local\temp 2013-01-12 11:03 . 2013-01-12 11:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-01-12 08:53 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2ECFD586-341A-4528-A3C8-941AE8A30AB4}\mpengine.dll 2013-01-11 15:54 . 2013-01-11 15:54 388096 ----a-r- c:\users\Michiel.MichielsPC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-01-11 15:54 . 2013-01-11 15:54 -------- d-----w- c:\program files\Trend Micro 2013-01-11 14:58 . 2013-01-11 14:58 -------- d-----w- c:\program files\What's my computer doing 2013-01-11 08:21 . 2013-01-11 08:21 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software 2013-01-11 07:44 . 2013-01-11 07:44 -------- d-----w- c:\users\Gast\AppData\Roaming\AVG2013 2013-01-11 07:44 . 2013-01-11 07:44 -------- d-----w- c:\users\Gast\AppData\Local\Avg2013 2013-01-11 02:44 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-01-09 23:54 . 2013-01-12 08:35 -------- d-----w- c:\program files\EndItAll 2013-01-09 21:23 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs 2013-01-05 15:32 . 2013-01-05 15:32 -------- d-----w- c:\program files\CleanMem 2013-01-05 15:32 . 2013-01-05 15:32 -------- d-----w- c:\windows\CleanMem 2012-12-27 16:04 . 2012-12-27 16:04 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Roaming\AVG2013 2012-12-27 16:02 . 2012-12-27 16:02 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Roaming\TuneUp Software 2012-12-27 16:01 . 2012-12-27 16:02 -------- d-----w- c:\programdata\AVG2013 2012-12-27 16:01 . 2012-12-27 16:01 -------- d-----w- C:\$AVG 2012-12-27 16:00 . 2012-12-27 16:00 -------- d-----w- c:\program files\AVG 2012-12-27 15:57 . 2013-01-12 07:16 -------- d-----w- c:\programdata\MFAData 2012-12-27 15:57 . 2012-12-27 17:35 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Local\Avg2013 2012-12-27 15:57 . 2012-12-27 15:57 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Local\MFAData 2012-12-24 10:54 . 2012-12-24 10:54 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Roaming\MathematicaPlayer 2012-12-24 10:54 . 2012-12-24 10:54 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Local\MathematicaPlayer 2012-12-24 10:51 . 2012-12-24 10:51 -------- d-----w- c:\program files\Common Files\Wolfram Research 2012-12-24 10:51 . 2012-12-24 10:51 -------- d-----w- c:\programdata\Mathematica 2012-12-24 10:51 . 2012-12-24 10:51 -------- d-----w- c:\program files\Common Files\ResearchSoft 2012-12-24 10:50 . 2011-10-03 17:45 334352 ----a-w- c:\windows\system32\mltcpip32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 93712 ----a-w- c:\windows\system32\mltcp32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 88080 ----a-w- c:\windows\system32\mlshm32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 163344 ----a-w- c:\windows\system32\mlmodule32.dll 2012-12-24 10:50 . 2011-10-03 17:45 79376 ----a-w- c:\windows\system32\mlmap32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 370704 ----a-w- c:\windows\system32\ml32i3.dll 2012-12-24 10:50 . 2011-10-03 17:45 260112 ----a-w- c:\windows\system32\ml32i2.dll 2012-12-24 10:50 . 2011-10-03 17:45 253968 ----a-w- c:\windows\system32\ml32i1.dll 2012-12-24 10:49 . 2012-12-24 10:49 -------- d-----w- c:\program files\Wolfram Research 2012-12-23 09:15 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-23 09:15 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-18 23:42 . 2012-12-18 23:42 -------- d-----w- c:\program files\iPod 2012-12-18 14:28 . 2012-12-18 14:28 186584 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2012-12-18 14:28 . 2012-12-18 14:28 186584 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-09 22:38 . 2012-07-03 15:35 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-09 22:38 . 2011-05-20 09:34 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-14 15:49 . 2011-01-18 10:17 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-07 12:26 . 2013-01-09 21:23 308736 ----a-w- c:\windows\system32\Wpc.dll 2012-11-29 07:58 . 2012-11-29 07:59 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{74AA75D1-135B-45CE-AC42-31729C4205FD}\gapaengine.dll 2012-11-15 22:33 . 2012-11-15 22:33 94048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2012-11-09 04:42 . 2012-12-13 02:31 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-02 05:11 . 2012-12-13 02:31 376832 ----a-w- c:\windows\system32\dpnet.dll 2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-10-22 12:02 . 2012-10-22 12:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2012-10-16 07:39 . 2012-11-28 19:07 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-15 02:48 . 2012-10-15 02:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-10-20 21:48 . 2011-04-16 18:07 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-28 13:44 . 2010-07-28 13:44 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] @="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}" [HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] 2010-07-07 17:57 153064 ----a-w- c:\windows\System32\pfmshx_463.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] "GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-11-08 16070136] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824] "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe" [2009-08-26 494112] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-28 30192] "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-18 1157640] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568] "AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-2-11 813584] What's my computer doing.lnk - c:\program files\What's my computer doing\WhatsMyComputerDoing.exe [2013-1-11 274168] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] 2012-12-25 14:32 1199576 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe . R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [x] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x] R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x] R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [x] R3 L6GX;Service - Line 6 GX;c:\windows\system32\Drivers\L6GX.sys [x] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [x] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [x] R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x] R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x] R3 netw5v32;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x] S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x] S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x] S1 pfmfs_463;pfmfs_463;c:\windows\system32\Drivers\pfmfs_463.sys [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x] S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2013-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 22:38] . 2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-10 07:53] . 2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-10 07:53] . 2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015975709-2517105018-1172841398-1000Core.job - c:\users\Michiel.MichielsPC\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-07 15:55] . 2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015975709-2517105018-1172841398-1000UA.job - c:\users\Michiel.MichielsPC\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-07 15:55] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&s=2&o=vp32&d=0909&m=easynote_lj65 uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 Trusted Zone: line6.net TCP: DhcpNameServer = 129.125.4.13 129.125.50.250 FF - ProfilePath - c:\users\Michiel.MichielsPC\AppData\Roaming\Mozilla\Firefox\Profiles\k7eofzrr.default\ . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-3015975709-2517105018-1172841398-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3015975709-2517105018-1172841398-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(6076) c:\program files\Logitech\SetPoint\lgscroll.dll c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\progra~1\AVG\AVG2013\avgrsx.exe c:\program files\AVG\AVG2013\avgcsrvx.exe c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe c:\program files\AVG\AVG2013\avgnsx.exe c:\program files\AVG\AVG2013\avgemcx.exe c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe c:\windows\system32\taskhost.exe c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe c:\windows\system32\conhost.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\taskhost.exe . ************************************************************************** . Voltooingstijd: 2013-01-12 12:14:04 - machine werd herstart ComboFix-quarantined-files.txt 2013-01-12 11:14 ComboFix2.txt 2013-01-11 23:14 . Pre-Run: 133.187.338.240 bytes beschikbaar Post-Run: 133.091.475.456 bytes beschikbaar . - - End Of File - - 6816DBB9327991982B8E2FFDE81FBC0E

ComboFix 13-01-11.02 - Michiel 11-01-2013 23:49:59.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3070.1960 [GMT 1:00] Gestart vanuit: c:\users\Michiel.MichielsPC\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Common Files\mic-50.ico c:\program files\Common Files\Uninstall.ico c:\program files\Extension Changer\extmain.exe c:\program files\SecureW2 c:\program files\SecureW2\Uninstall.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2 c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\_ctypes.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\_elementtree.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\_hashlib.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\_socket.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\_ssl.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\pyexpat.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\pysqlite2._sqlite.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\python26.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\pythoncom26.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\PyWinTypes26.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\select.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\unicodedata.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32api.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32com.shell.shell.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32crypt.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32event.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32file.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32inet.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32pdh.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32process.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32profile.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32security.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\win32ts.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\windows._cacheinvalidation.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._controls_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._core_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._gdi_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._html2.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._misc_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._windows_.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wx._wizard.pyd c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wxbase293u_net_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wxbase293u_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wxmsw293u_adv_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wxmsw293u_core_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wxmsw293u_html_vc.dll c:\users\MICHIE~1.MIC\AppData\Local\Temp\_MEI31322\wxmsw293u_webview_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\_ctypes.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\_elementtree.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\_hashlib.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\_socket.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\_ssl.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\pyexpat.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\pysqlite2._sqlite.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\python26.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\pythoncom26.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\PyWinTypes26.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\select.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\unicodedata.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32api.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32com.shell.shell.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32crypt.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32event.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32file.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32inet.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32pdh.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32process.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32profile.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32security.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\win32ts.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\windows._cacheinvalidation.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._controls_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._core_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._gdi_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._html2.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._misc_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._windows_.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wx._wizard.pyd c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wxbase293u_net_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wxbase293u_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wxmsw293u_adv_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wxmsw293u_core_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wxmsw293u_html_vc.dll c:\users\Michiel.MichielsPC\AppData\Local\Temp\_MEI31322\wxmsw293u_webview_vc.dll c:\users\Michiel.MichielsPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2 c:\users\Michiel.MichielsPC\Documents\~WRL2420.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2012-12-11 to 2013-01-11 )))))))))))))))))))))))))))))) . . 2013-01-11 22:45 . 2013-01-11 22:45 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D09F0EE1-3BB8-4C5B-B98D-D3AC70880AC6}\MpKsl9b107f5a.sys 2013-01-11 15:54 . 2013-01-11 15:54 388096 ----a-r- c:\users\Michiel.MichielsPC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-01-11 15:54 . 2013-01-11 15:54 -------- d-----w- c:\program files\Trend Micro 2013-01-11 14:58 . 2013-01-11 14:58 -------- d-----w- c:\program files\What's my computer doing 2013-01-11 08:21 . 2013-01-11 08:21 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software 2013-01-11 07:44 . 2013-01-11 07:44 -------- d-----w- c:\users\Gast\AppData\Roaming\AVG2013 2013-01-11 07:44 . 2013-01-11 07:44 -------- d-----w- c:\users\Gast\AppData\Local\Avg2013 2013-01-11 02:44 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D09F0EE1-3BB8-4C5B-B98D-D3AC70880AC6}\mpengine.dll 2013-01-09 23:54 . 2013-01-09 23:56 -------- d-----w- c:\program files\EndItAll 2013-01-09 22:46 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-01-09 21:23 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs 2013-01-09 21:23 . 2012-12-07 10:46 46592 ----a-w- c:\windows\system32\fpb.rs 2013-01-09 21:23 . 2012-12-07 10:46 40960 ----a-w- c:\windows\system32\cob-au.rs 2013-01-09 21:23 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll 2013-01-09 21:23 . 2012-12-07 10:46 21504 ----a-w- c:\windows\system32\grb.rs 2013-01-09 21:23 . 2012-12-07 10:46 15360 ----a-w- c:\windows\system32\djctq.rs 2013-01-09 21:23 . 2012-12-07 10:46 55296 ----a-w- c:\windows\system32\cero.rs 2013-01-09 21:23 . 2012-12-07 10:46 51712 ----a-w- c:\windows\system32\esrb.rs 2013-01-09 21:23 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll 2013-01-05 15:32 . 2013-01-05 15:32 -------- d-----w- c:\program files\CleanMem 2013-01-05 15:32 . 2013-01-05 15:32 -------- d-----w- c:\windows\CleanMem 2012-12-27 16:04 . 2012-12-27 16:04 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Roaming\AVG2013 2012-12-27 16:02 . 2012-12-27 16:02 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Roaming\TuneUp Software 2012-12-27 16:01 . 2012-12-27 16:02 -------- d-----w- c:\programdata\AVG2013 2012-12-27 16:01 . 2012-12-27 16:01 -------- d-----w- C:\$AVG 2012-12-27 16:00 . 2012-12-27 16:00 -------- d-----w- c:\program files\AVG 2012-12-27 15:57 . 2013-01-11 16:58 -------- d-----w- c:\programdata\MFAData 2012-12-27 15:57 . 2012-12-27 17:35 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Local\Avg2013 2012-12-27 15:57 . 2012-12-27 15:57 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Local\MFAData 2012-12-24 10:54 . 2012-12-24 10:54 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Roaming\MathematicaPlayer 2012-12-24 10:54 . 2012-12-24 10:54 -------- d-----w- c:\users\Michiel.MichielsPC\AppData\Local\MathematicaPlayer 2012-12-24 10:51 . 2012-12-24 10:51 -------- d-----w- c:\program files\Common Files\Wolfram Research 2012-12-24 10:51 . 2012-12-24 10:51 -------- d-----w- c:\programdata\Mathematica 2012-12-24 10:51 . 2012-12-24 10:51 -------- d-----w- c:\program files\Common Files\ResearchSoft 2012-12-24 10:50 . 2011-10-03 17:45 334352 ----a-w- c:\windows\system32\mltcpip32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 93712 ----a-w- c:\windows\system32\mltcp32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 88080 ----a-w- c:\windows\system32\mlshm32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 163344 ----a-w- c:\windows\system32\mlmodule32.dll 2012-12-24 10:50 . 2011-10-03 17:45 79376 ----a-w- c:\windows\system32\mlmap32.mlp 2012-12-24 10:50 . 2011-10-03 17:45 370704 ----a-w- c:\windows\system32\ml32i3.dll 2012-12-24 10:50 . 2011-10-03 17:45 260112 ----a-w- c:\windows\system32\ml32i2.dll 2012-12-24 10:50 . 2011-10-03 17:45 253968 ----a-w- c:\windows\system32\ml32i1.dll 2012-12-24 10:49 . 2012-12-24 10:49 -------- d-----w- c:\program files\Wolfram Research 2012-12-23 09:15 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-23 09:15 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-18 23:42 . 2012-12-18 23:42 -------- d-----w- c:\program files\iPod 2012-12-18 23:42 . 2012-12-18 23:42 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2012-12-18 14:28 . 2012-12-18 14:28 186584 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2012-12-18 14:28 . 2012-12-18 14:28 186584 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2012-12-13 02:31 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-09 22:38 . 2012-07-03 15:35 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-09 22:38 . 2011-05-20 09:34 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-14 15:49 . 2011-01-18 10:17 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-07 12:26 . 2013-01-09 21:23 308736 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 10:46 . 2013-01-09 21:23 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 10:46 . 2013-01-09 21:23 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 21:23 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 21:23 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 21:23 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 10:46 . 2013-01-09 21:23 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 10:46 . 2013-01-09 21:23 20480 ----a-w- c:\windows\system32\pegi.rs 2012-11-30 04:53 . 2013-01-09 21:24 169984 ----a-w- c:\windows\system32\winsrv.dll 2012-11-29 07:58 . 2012-11-29 07:59 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{74AA75D1-135B-45CE-AC42-31729C4205FD}\gapaengine.dll 2012-11-23 02:56 . 2013-01-09 21:24 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-23 02:48 . 2013-01-09 21:23 49152 ----a-w- c:\windows\system32\taskhost.exe 2012-11-22 04:45 . 2013-01-09 21:24 626688 ----a-w- c:\windows\system32\usp10.dll 2012-11-15 22:33 . 2012-11-15 22:33 94048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2012-11-14 01:57 . 2012-12-16 02:06 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 01:48 . 2012-12-16 02:06 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2012-11-09 04:43 . 2013-01-09 21:24 492032 ----a-w- c:\windows\system32\win32spl.dll 2012-11-09 04:42 . 2012-12-13 02:31 2048 ----a-w- c:\windows\system32\tzres.dll 2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-10-22 12:02 . 2012-10-22 12:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2012-10-16 07:39 . 2012-11-28 19:07 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-15 02:48 . 2012-10-15 02:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-10-20 21:48 . 2011-04-16 18:07 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-28 13:44 . 2010-07-28 13:44 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-11-08 15:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] @="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}" [HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}] 2010-07-07 17:57 153064 ----a-w- c:\windows\System32\pfmshx_463.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] "GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-11-08 16070136] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824] "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe" [2009-08-26 494112] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-28 30192] "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-18 1157640] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568] "AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-2-11 813584] What's my computer doing.lnk - c:\program files\What's my computer doing\WhatsMyComputerDoing.exe [2013-1-11 274168] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] 2012-12-25 14:32 1199576 ----a-w- c:\users\Michiel.MichielsPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe . R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [x] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x] R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x] R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [x] R3 L6GX;Service - Line 6 GX;c:\windows\system32\Drivers\L6GX.sys [x] R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [x] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x] R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [x] R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x] R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [x] R3 netw5v32;Stuurprogramma voor Intel® Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x] S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x] S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x] S1 MpKsl9b107f5a;MpKsl9b107f5a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D09F0EE1-3BB8-4C5B-B98D-D3AC70880AC6}\MpKsl9b107f5a.sys [x] S1 pfmfs_463;pfmfs_463;c:\windows\system32\Drivers\pfmfs_463.sys [x] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x] S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2013-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 22:38] . 2013-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-10 07:53] . 2013-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-10 07:53] . 2013-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015975709-2517105018-1172841398-1000Core.job - c:\users\Michiel.MichielsPC\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-07 15:55] . 2013-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015975709-2517105018-1172841398-1000UA.job - c:\users\Michiel.MichielsPC\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-07 15:55] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&s=2&o=vp32&d=0909&m=easynote_lj65 uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 Trusted Zone: line6.net TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Michiel.MichielsPC\AppData\Roaming\Mozilla\Firefox\Profiles\k7eofzrr.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112670&tt=3412_3&babsrc=HP_sst&mntrId=4a1b087d000000000000001e65782e71 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112670&tt=3412_3&babsrc=KW_sst&mntrId=4a1b087d000000000000001e65782e71&q= FF - user.js: extensions.BabylonToolbar_i.id - 4a1b087d000000000000001e65782e71 FF - user.js: extensions.BabylonToolbar_i.hardId - 4a1b087d000000000000001e65782e71 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15542 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1719:41 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112844&tt=2912_5 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{65CA59EE-9920-4D7F-8C41-BFA12403261A} - (no file) MSConfigStartUp-VideoWebCamera - c:\program files\VideoWebCamera\VideoWebCamera.exe AddRemove-SecureW2 EAP Suite - c:\program files\SecureW2\Uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-3015975709-2517105018-1172841398-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3015975709-2517105018-1172841398-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(5524) c:\program files\Logitech\SetPoint\lgscroll.dll c:\users\Michiel.MichielsPC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\progra~1\AVG\AVG2013\avgrsx.exe c:\program files\AVG\AVG2013\avgcsrvx.exe c:\windows\system32\nvvsvc.exe c:\program files\Microsoft Security Client\MsMpEng.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe c:\program files\AVG\AVG2013\avgnsx.exe c:\program files\AVG\AVG2013\avgemcx.exe c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2013-01-12 00:14:48 - machine werd herstart ComboFix-quarantined-files.txt 2013-01-11 23:14 . Pre-Run: 132.151.402.496 bytes beschikbaar Post-Run: 132.055.646.208 bytes beschikbaar . - - End Of File - - AC775FA94443DF24AC5DA5D6918EF4E7

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:01:05, on 11-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Last.fm\LastFM.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\system32\conhost.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Google Update] "C:\Users\Michiel.MichielsPC\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: What's my computer doing.lnk = C:\Program Files\What's my computer doing\WhatsMyComputerDoing.exe O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.line6.net O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 12961 bytes

Hallo, Af en toe loopt mijn laptop heel erg te hallen, vooral lastig als je muziek aan het luisteren bent of een film kijkt. Ik heb gekeken in taakbeheer bij het tabblad processen, daar zag ik weinig opvallends. Het processorgebruik in het tabblad prestaties is dan vaak veel hoger dan de som van het processorgebruik van de processen. Ik voeg hierbij een logje toe: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:59:55, on 11-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Michiel.MichielsPC\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Last.fm\LastFM.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Windows\system32\taskmgr.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - (no file) O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Google Update] "C:\Users\Michiel.MichielsPC\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: What's my computer doing.lnk = C:\Program Files\What's my computer doing\WhatsMyComputerDoing.exe O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.line6.net O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet - A free C++ BitTorrent/HTTP/FTP Download Client - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- End of file - 12730 bytes