Ghania53
-
Items
26 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Ghania53
-
-
Secunia PSI versie 2.0.
-
Alles is uitgeschakeld en het opstarten gaat inderdaad een stuk sneller. Facebook start nog steeds langzaam op, komt dit misschien omdat veilig brouwsen is ingeschakeld?
-
: Vraagteken::
-
Ja HKCU:Run MyTomTomSA.exe TomTom "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
Nee HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Nee HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Ja HKCU:Run swg Google Inc. "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Nee HKLM:Run (default)
Ja HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Ja HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Ja HKLM:Run AVP Kaspersky Lab "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
Ja HKLM:Run CanonMyPrinter CANON INC. C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
Nee HKLM:Run CanonSolutionMenuEx CANON INC. C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
Nee HKLM:Run CLMLServer "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
Nee HKLM:Run GrooveMonitor Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
Nee HKLM:Run HotKeysCmds Intel Corporation C:\windows\system32\hkcmd.exe
Nee HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Nee HKLM:Run IgfxTray Intel Corporation C:\windows\system32\igfxtray.exe
Nee HKLM:Run IJNetworkScannerSelectorEX CANON INC. C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
Ja HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Nee HKLM:Run KPN "C:\Program Files (x86)\KPN\bin\sprtcmd.exe" /P KPN
Nee HKLM:Run PDVD8LanguageShortcut CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
Nee HKLM:Run Persistence Intel Corporation C:\windows\system32\igfxpers.exe
Nee HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Nee HKLM:Run RemoteControl8 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
Nee HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
Ja HKLM:Run SunJavaUpdateSched Sun Microsystems, Inc. "C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe" -u auto-update
Nee HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Nee HKLM:Run UCam_Menu CyberLink Corp. "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
Nee HKLM:Run UpdateLBPShortCut "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
Nee HKLM:Run UpdateP2GoShortCut "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
Nee HKLM:Run UpdatePDRShortCut "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
Nee HKLM:Run UpdatePPShortCut "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
Nee Startup Common HP Digital Imaging Monitor.lnk C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
Ja Startup Common Secunia PSI Tray.lnk Secunia C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
Nee Startup User Dropbox.lnk Dropbox, Inc. C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
-
Het starten van mijn pc duurt niet lang als ik opstart in veilige modus.
-
Met I.E. gaat het laden van Facebook veel sneller, hoe moet ik mijn pc opstarten in de veilige modus?
-
Ik gebruik alleen maar Google Chrome.
-
Heb ik bovenstaande opdracht goed uitgevoerd?
-
-
De PC start ook traag op.
-
Helaas nog steeds hetzelfde, het duurt nog steeds ruim een minuut voordat Facebook opstart.
-
Zoek.exe Version 4.0.0.2 Updated 11-March-2013
Tool run by pc on di 12-03-2013 at 19:13:06,90.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting Files \ Folders ======================
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxAPI.dll" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi.dll" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi64.dll" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspiWDM.inf" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\gearaspiwdmx64.cat" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64\GEARAspiWDM.sys" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\COPYRIGHT.html" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\README.html" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\THIRDPARTYLICENSEREADME.txt" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\axbridge.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\decora-d3d.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\decora-sse.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\deploy.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\eula.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\fxplugins.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\fxreg.exe" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\glass.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\glib-lite.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\gstreamer-lite.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\javacpl.cpl" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\javacpl.exe" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\javafx-font.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\javafx-iio.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\javaws.exe" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jfxmedia.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2launcher.exe" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jpicom.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jpiexp.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jpinscp.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jpioji.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jpishare.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\libxml2.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\libxslt.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\npjpi170_04.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\npoji610.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\prism-d3d.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\prism-es2.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssvagent.exe" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\WebPaneJava.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\wsdetect.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy.jar" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\javaws.jar" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\jfxrt.jar" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\plugin.jar" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\deployJava1.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npdeployJava1.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\msvcr100.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\ffjcext.zip" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_de.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_es.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_fr.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_it.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_ja.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_ko.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_pt_BR.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_sv.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_zh_CN.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_zh_HK.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\messages_zh_TW.properties" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\splash.gif" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\security\javaws.policy" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\jqs\jqs.conf" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\jqs\jqsmessages.properties" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69" deleted
"C:\Program Files (x86)\Oracle" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64" deleted
"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\security" deleted
"C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\lib\deploy\jqs" deleted
-
Zoek.exe Version 4.0.0.2 Updated 08-March-2013
Tool run by pc on ma 11-03-2013 at 19:22:29,55.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Running Processes ======================
C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\windows\system32\taskhost.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\windows\Explorer.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\pc\Downloads\zoek.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-877862175-3224100145-3519368881-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0005EBF0-4A6F-4FF7-9873-CC88C0B7B8C5} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958)
@C:\\Program Files (x86)\\Intel\\Intel® Graphics Media Accelerator Driver\\Uninstall\\Setup.exe,-1166
@C:\\Program Files (x86)\\Intel\\Intel® Rapid Storage Technology\\Uninstall\\Setup.exe,-2018
Aangifte inkomstenbelasting 2011
Aangifte inkomstenbelasting 2012
ABN AMRO e.dentifier2 software
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6) - Nederlands
Apple Application Support
Apple Software Update
Atheros Client Installation Program
BatteryLifeExtender
Canon Easy-PhotoPrint EX
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
Canon Easy-PhotoPrint Pro
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG6200 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CyberLink PowerDVD 8
CyberLink YouCam
D3DX10
Dropbox
Easy Display Manager
Easy Network Manager
Easy SpeedUp Manager
EasyBatteryManager
ECHO is off (uit).
Fotoservice van PostNL
Gebruikersregistratie voor Canon MG6200 series
Google Chrome
Google Drive
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.0.0
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HPDiagnosticAlert
Intel® Graphics Media Accelerator Driver
Intel® Rapid Storage Technology
Java 7 Update 17
Java Auto Updater
Java 6 Update 41
JavaFX 2.1.0
Junk Mail filter update
Kaspersky PURE
Marvell Miniport Driver
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Dutch) 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Research AutoCollage 2008 version 1.1
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 10.0.3 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MyFreeCodec
MyTomTom 3.2.0.802
Photo Notifier and Animation Creator
Picasa 3
QuickTime
Realtek High Definition Audio Driver
Samsung PC Studio 3 USB Driver Installer
Samsung Recovery Solution 4
Samsung Support Center
Samsung Update Plus
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
Skype Click to Call
SkypeT 5.10
swMSM
TNT Post Fotoservice
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
User Guide
Verzoek of wijziging voorlopige aanslag 2012
Visual Studio C++ 10.0 Runtime
VLC media player 2.0.5
waterMark V2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
==== Files Recently Created / Modified ======================
====== C:\windows ====
====== C:\Users\pc\AppData\Local\Temp ====
====== C:\windows\SysWOW64 =====
2013-03-10 19:34:30 F003B6C8BFD5F675A4DD398D2A8AEB63 95648 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-02-27 20:07:21 600A65F922CCDCBB2D11467914241556 2284544 ----a-w- C:\windows\SysWOW64\msmpeg2vdec.dll
2013-02-27 20:07:20 8B285BDAB7735FDFB18E6F7122923B77 187392 ----a-w- C:\windows\SysWOW64\UIAnimation.dll
2013-02-27 20:07:17 545F1BAAADD0BF1F4FE4586293FCA07D 417792 ----a-w- C:\windows\SysWOW64\WMPhoto.dll
2013-02-27 20:07:15 D4F264FE23F8953D840904418220C15E 293376 ----a-w- C:\windows\SysWOW64\dxgi.dll
2013-02-27 20:07:15 C7A730AFB80B11F93EFC81B1D6F920D7 364544 ----a-w- C:\windows\SysWOW64\XpsGdiConverter.dll
2013-02-27 20:07:15 B3170CCC779B682C3341873EA60CF084 1988096 ----a-w- C:\windows\SysWOW64\d3d10warp.dll
2013-02-27 20:07:15 6A13B4F3B3F575F1E24B877B9359AABA 10752 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 20:07:15 6951562DC4625EEFC6EACD52AD165866 9728 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 20:07:15 60F4AEFA103D421EA4A40E31409B4756 3072 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 20:07:15 589CBC4989F750E1DA35625AB481CF43 4096 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 20:07:15 4FF3EC04CD47DD62181894B71B004E40 604160 ----a-w- C:\windows\SysWOW64\d3d10level9.dll
2013-02-27 20:07:15 49ACA548B2423F1C67898E6AC719A9A6 3584 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 20:07:15 3C1936A12C62254F914A01BBC6A8DC69 161792 ----a-w- C:\windows\SysWOW64\d3d10_1.dll
2013-02-27 20:07:15 3BE0D923AA45A4DBE091C2D84F0B4FE7 3072 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 20:07:15 2E33DFD10F28F86C3FC40EE123CC3904 2560 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 20:07:15 1C60E09CA1C3A045BC4D367F67C915B7 5632 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 20:07:15 007863E45F25AA47A4C30D0930BBFD85 5632 ---ha-w- C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 20:07:14 FB3F036EF6A467F7AF46C821FF5D198D 220160 ----a-w- C:\windows\SysWOW64\d3d10core.dll
2013-02-27 20:07:14 D4212AB475A3B25EC4DF574536C3EDC5 249856 ----a-w- C:\windows\SysWOW64\d3d10_1core.dll
2013-02-27 20:07:14 8504944851DF6175CC489A8F3328459E 1080832 ----a-w- C:\windows\SysWOW64\d3d10.dll
2013-02-27 20:07:14 7ACDFB4CC67F4993DF0E0731576309B2 1504768 ----a-w- C:\windows\SysWOW64\d3d11.dll
2013-02-27 20:07:14 6A7B5A3EFCCDB53DA41CF6838056990F 1158144 ----a-w- C:\windows\SysWOW64\XpsPrint.dll
2013-02-27 20:07:14 4277F5164DE9B7C665BB928B9145BEE0 1247744 ----a-w- C:\windows\SysWOW64\DWrite.dll
2013-02-27 20:07:13 9FF8F684BACF326082E5562F7C104A79 3419136 ----a-w- C:\windows\SysWOW64\d2d1.dll
2013-02-27 20:07:13 62A6EB5771580CAE445804389F3F7432 207872 ----a-w- C:\windows\SysWOW64\WindowsCodecsExt.dll
2013-02-27 20:07:13 3BCECD87AB4E6743BFB45B352AD1A529 1230336 ----a-w- C:\windows\SysWOW64\WindowsCodecs.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2013-02-27 20:07:20 E8EEA503870CB6A6DC4E09A2433DF33E 2776576 ----a-w- C:\windows\Sysnative\msmpeg2vdec.dll
2013-02-27 20:07:20 04CB7C8FDC6D9640DD82A527208F72C4 221184 ----a-w- C:\windows\Sysnative\UIAnimation.dll
2013-02-27 20:07:17 893E8C1E4A1263EDDB1A6922D0E32201 465920 ----a-w- C:\windows\Sysnative\WMPhoto.dll
2013-02-27 20:07:15 FB4045578F5180BDB1963AB352B78548 5632 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 20:07:15 F5CEF064C7E6D95DA86B9D064A56A969 3584 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 20:07:15 F49E92B50CED5C9F1725D3C0329FD933 10752 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 20:07:15 C498EF41B93986BCBD483597573EB96D 2565120 ----a-w- C:\windows\Sysnative\d3d10warp.dll
2013-02-27 20:07:15 AFC3DB5C6EB8CA8017DDB81D6C0AD02A 9728 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 20:07:15 9AE80F6A66B30E3ED8CDF858CF28B11B 194560 ----a-w- C:\windows\Sysnative\d3d10_1.dll
2013-02-27 20:07:15 9108540E866F75C7AF2B91DD921A8091 3072 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 20:07:15 9094039A00485F71C4DE64BF51F64C46 3072 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 20:07:15 8DFB5752FCE145A6B295093C0A8BE131 363008 ----a-w- C:\windows\Sysnative\dxgi.dll
2013-02-27 20:07:15 72723D3E4781BADC62C3180C137E7B23 4096 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 20:07:15 6F623BD09CBB4C3F97374F12976E5EA5 522752 ----a-w- C:\windows\Sysnative\XpsGdiConverter.dll
2013-02-27 20:07:15 64A4AB126E24FD3F58EBE64852773DB5 2560 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 20:07:15 3834316FE8A653227282196525E07DFE 648192 ----a-w- C:\windows\Sysnative\d3d10level9.dll
2013-02-27 20:07:15 0E6FBF19D9DFBB77316C23DF91F8A101 5632 ---ha-w- C:\windows\Sysnative\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 20:07:14 FA428BDBCFAB9DC3D58F0BD2CCD50EA2 1682432 ----a-w- C:\windows\Sysnative\XpsPrint.dll
2013-02-27 20:07:14 C4C183E6551084039EC862DA1C945E3D 1175552 ----a-w- C:\windows\Sysnative\FntCache.dll
2013-02-27 20:07:14 B2CA1AC17E78D986B22FD6C2261CD84F 1238528 ----a-w- C:\windows\Sysnative\d3d10.dll
2013-02-27 20:07:14 AFB73882AE41E1629A63E6713FE30FB9 296960 ----a-w- C:\windows\Sysnative\d3d10core.dll
2013-02-27 20:07:14 63F72417CA38D8FC8F53709649B589E3 333312 ----a-w- C:\windows\Sysnative\d3d10_1core.dll
2013-02-27 20:07:14 448B02AD260EC3E1E892FCE6DFDDEEBD 1887232 ----a-w- C:\windows\Sysnative\d3d11.dll
2013-02-27 20:07:13 F1C19F0AA151B90A7416FA1D50DDB582 245248 ----a-w- C:\windows\Sysnative\WindowsCodecsExt.dll
2013-02-27 20:07:13 BDDF242A49E7B7DC5CCEC291BCE53ACB 1424384 ----a-w- C:\windows\Sysnative\WindowsCodecs.dll
2013-02-27 20:07:13 7E8A672B7B06A6EB11960C22E0360C59 3928064 ----a-w- C:\windows\Sysnative\d2d1.dll
2013-02-27 20:07:13 63BB89DED1E9104E68D33E54DE4D340D 1643520 ----a-w- C:\windows\Sysnative\DWrite.dll
====== C:\windows\Sysnative\drivers =====
2013-02-13 18:59:50 B62A953F2BF3922C8764A29C34A22899 1913192 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys
2013-02-13 18:59:50 41C67E4205C606A103DEC8651D0B6FE6 288088 ----a-w- C:\windows\Sysnative\drivers\FWPKCLNT.SYS
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
2013-02-26 18:27:54 -------- d-----w- C:\Program Files\iTunes
2013-02-26 18:27:54 -------- d-----w- C:\Program Files\iPod
======= C:\Program Files (x86) =====
2013-02-28 19:48:31 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-02-26 18:27:54 -------- d-----w- C:\Program Files (x86)\iTunes
======= C: =====
2013-03-10 19:06:58 926267F4C55397317B018FA54E0C2182 3842 ----a-w- C:\AdwCleaner[s1].txt
====== C:\Users\pc\AppData\Roaming ======
2013-03-05 19:34:04 -------- d-----w- C:\users\Public\AppData\Local\temp
2013-03-05 19:34:04 -------- d-----w- C:\users\Default\AppData\Local\temp
2013-03-05 19:34:04 -------- d-----w- C:\users\Default User\AppData\Local\temp
====== C:\Users\pc ======
2013-03-04 19:35:57 -------- d-----w- C:\Users\Public\AppData
2013-02-26 18:27:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
====== C: exe-files ==
2013-03-10 19:04:24 BDA238D4079311DB2C4C96A5A098C956 597667 ----a-w- C:\Users\pc\Downloads\adwcleaner.exe
2013-03-06 19:07:39 526F48333DC36D7AA3BF9314AA195E38 829280 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.152\25.0.1364.152_25.0.1364.97_chrome_updater.exe
2013-03-06 18:52:41 5945B121AC1E658F4049E0EEC68F2973 183208 ------r- C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe
2013-03-06 18:52:15 680E65246E7BB601926F2A2532574C78 2825952 ----a-w- C:\Users\pc\Downloads\ib2012_win_setup.exe
=== C: other files ==
2013-03-10 20:48:27 73BC967117116854EE1EB45241B01DB7 3318787 ----a-w- C:\Users\pc\Documents\Marijke\2013_03_10\Overeenkomst.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-877862175-3224100145-3519368881-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)]
"command"=""
"hkey"="HKLM"
"item"="(default)"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"hkey"="HKLM"
"item"="APSDaemon"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenuEx]
"command"="C:\\Program Files (x86)\\Canon\\Solution Menu EX\\CNSEMAIN.EXE /logon"
"hkey"="HKLM"
"item"="CanonSolutionMenuEx"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CLMLServer"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\windows\\system32\\hkcmd.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\windows\\system32\\igfxtray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IJNetworkScannerSelectorEX]
"command"="C:\\Program Files (x86)\\Canon\\IJ Network Scanner Selector EX\\CNMNSST.exe /FORCE"
"hkey"="HKLM"
"item"="IJNetworkScannerSelectorEX"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
"hkey"="HKLM"
"item"="iTunesHelper"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KPN]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KPN"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\KPN\\bin\\sprtcmd.exe\" /P KPN"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVD8LanguageShortcut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD8\\Language\\Language.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\windows\\system32\\igfxpers.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"hkey"="HKLM"
"item"="QuickTime Task"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RemoteControl8"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD8\\PDVD8Serv.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UCam_Menu]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UCam_Menu"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\YouCam\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\YouCam\" UpdateWithCreateOnce \"Software\\CyberLink\\YouCam\\2.0\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateLBPShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateP2GoShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePDRShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdatePDRShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDirector\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\PowerDirector\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerDirector\\7.0\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePPShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdatePPShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\PowerProducer\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\PowerProducer\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerProducer\\5.0\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
"backup"="C:\\windows\\pss\\Secunia PSI Tray.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Program Files (x86)\\Secunia\\PSI\\psi_tray.exe"
"item"="Secunia PSI Tray"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Secunia PSI Tray.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\pc\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\pc\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe "
"item"="Dropbox"
==== Startup Folders ======================
2013-03-10 19:29:22 850 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
==== Task Scheduler Jobs ======================
C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [28-02-2013 21:36]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-05-2011 12:30]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-05-2011 12:30]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Kaspersky URL Advisor - %AppDir%\extensions\linkfilter@kaspersky.ru
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-10-2012 12:14]
Facebook - pc - Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Email this page (by Google) - pc - Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai
Weerplaza - pc - Default\Extensions\djakjaebiehcbcjclfgifnhipfcobpaa
Facebook Disconnect - pc - Default\Extensions\ejpepffjfmamnambagiibghpglaidiec
Skype Click to Call - pc - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Radio - pc - Default\Extensions\nhpdjhpnoggcnfihakphcdibkdohbmcm
Send from Gmail (by Google) - pc - Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\users\pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\users\pc\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully
C:\windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\pc\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
-
# AdwCleaner v2.114 - Verslag gemaakt op 10/03/2013 om 20:06:58
# Geactualiseerd op 05/03/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : pc - PC-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\pc\Downloads\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
File Verwijdert : C:\END
Map Verwijdert : C:\Program Files (x86)\Conduit
Map Verwijdert : C:\Program Files (x86)\Perion
Map Verwijdert : C:\Program Files\IB Updater
Map Verwijdert : C:\Users\pc\AppData\Local\Conduit
Map Verwijdert : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Map Verwijdert : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Map Verwijdert : C:\Users\pc\AppData\LocalLow\Conduit
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijdert : HKCU\Software\IM
Sleutel Verwijdert : HKCU\Software\ImInstaller
Sleutel Verwijdert : HKCU\Software\InstallCore
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2727678
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Sleutel Verwijdert : HKLM\Software\Conduit
Sleutel Verwijdert : HKLM\Software\IB Updater
Sleutel Verwijdert : HKLM\Software\ImInstaller
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
***** [browsers] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v10.0.3 (en-US)
File : C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\98z81bcx.default\prefs.js
[OK] De file bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v25.0.1364.152
File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[s1].txt - [3723 octets] - [10/03/2013 20:06:58]
########## EOF - C:\AdwCleaner[s1].txt - [3783 octets] ##########
-
Ik wil toch uw hulp weer inroepen, het duurt ruim 1 minuut voordat Facebook opstart.
-
Gisteravond het het opstarten van Facebook nog heel traag, maar nu ging het heel snel. Hopelijk is nu het opgelost.
-
ComboFix 13-03-05.01 - pc 05-03-2013 20:19:42.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3893.2618 [GMT 1:00]
Gestart vanuit: c:\users\pc\Downloads\ComboFix.exe
gebruikte Opdracht switches :: c:\users\pc\Desktop\CFScript.txt
AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Besmet exemplaar van c:\windows\SysWow64\userinit.exe werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - c:\windows\erdnt\cache86\userinit.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-02-05 to 2013-03-05 ))))))))))))))))))))))))))))))
.
.
2013-03-05 19:26 . 2013-03-05 19:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-05 18:53 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C333B7AD-50B7-4A7A-A69C-40F6F175636B}\mpengine.dll
2013-03-01 12:26 . 2013-03-01 12:26 -------- d-----w- c:\users\pc\AppData\Roaming\Malwarebytes
2013-03-01 12:26 . 2013-03-01 12:26 -------- d-----w- c:\programdata\Malwarebytes
2013-03-01 12:26 . 2013-03-01 12:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-01 12:26 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-28 19:48 . 2013-02-28 19:48 388096 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-28 19:48 . 2013-02-28 19:48 -------- d-----w- c:\program files (x86)\Trend Micro
2013-02-26 18:27 . 2013-02-26 18:28 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-26 18:27 . 2013-02-26 18:28 -------- d-----w- c:\program files\iTunes
2013-02-26 18:27 . 2013-02-26 18:28 -------- d-----w- c:\program files (x86)\iTunes
2013-02-26 18:27 . 2013-02-26 18:27 -------- d-----w- c:\program files\iPod
2013-02-24 19:53 . 2013-02-24 19:53 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-13 19:01 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 19:01 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 19:01 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 18:59 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 18:59 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 18:52 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 18:52 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 18:52 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 18:52 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 18:52 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 18:52 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 18:52 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 18:52 . 2012-12-26 05:47 1111040 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 18:52 . 2012-12-26 04:49 760320 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-04 19:06 . 2013-02-04 19:06 -------- d-----w- c:\programdata\Trusteer
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 20:36 . 2012-03-29 18:16 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-28 20:36 . 2011-11-16 19:32 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-13 20:44 . 2011-05-10 18:21 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2011-05-10 13:01 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 18:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-18 09:06 . 2013-01-04 19:05 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-12-18 09:06 . 2012-12-18 09:06 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-12-18 09:06 . 2012-12-18 09:06 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-12-18 09:06 . 2012-12-18 09:06 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-12-18 09:06 . 2012-12-18 09:06 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-12-18 09:06 . 2012-12-18 09:06 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-12-18 09:06 . 2012-12-18 09:06 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-12-18 09:06 . 2012-12-18 09:06 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-12-18 09:06 . 2012-12-18 09:06 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-12-18 09:06 . 2012-12-18 09:06 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-12-18 09:06 . 2012-12-18 09:06 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-12-18 09:06 . 2012-12-18 09:06 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-12-18 09:06 . 2012-12-18 09:06 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-12-18 09:06 . 2012-12-18 09:06 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-12-18 09:06 . 2012-12-18 09:06 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-12-18 09:06 . 2012-12-18 09:06 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-12-18 09:06 . 2012-12-18 09:06 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-12-18 09:06 . 2012-12-18 09:06 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-12-18 09:06 . 2012-12-18 09:06 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-12-16 17:11 . 2012-12-21 21:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 21:03 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 21:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 21:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 19:16 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 19:16 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 19:16 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 19:16 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 19:16 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 19:16 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 19:16 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 19:16 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 19:16 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 19:16 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 19:16 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 19:16 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 19:16 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 19:16 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 19:16 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 19:16 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 19:16 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 19:16 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 19:16 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 19:16 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 19:16 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 19:16 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 19:16 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 19:16 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 19:16 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 19:16 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 19:16 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 19:16 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 19:16 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 19:16 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 19:16 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 19:16 55296 ----a-w- c:\windows\SysWow64\cero.rs
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-01 19:05 129624 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2012-09-10 436728]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-29 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" [2010-10-01 348760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys [2012-02-26 897792]
R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-14 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 85048]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 66104]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 27152]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-08-29 289280]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-26 19:07 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 20:36]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 11:30]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 11:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-01 19:06 170584 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-TNT Post Fotoservice - c:\program files (x86)\TNT Post Fotoservice\TNT Post Fotoservice\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Voltooingstijd: 2013-03-05 20:34:01 - machine werd herstart
ComboFix-quarantined-files.txt 2013-03-05 19:34
ComboFix2.txt 2013-03-04 19:35
.
Pre-Run: 136.476.561.408 bytes beschikbaar
Post-Run: 136.391.553.024 bytes beschikbaar
.
- - End Of File - - D61551CE64D782DCCF84F8FBC70C4F86
-
ComboFix 13-03-04.01 - pc 04-03-2013 20:19:30.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3893.2036 [GMT 1:00]
Gestart vanuit: c:\users\pc\Downloads\ComboFix.exe
AV: Kaspersky PURE *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\windows\SysWow64\muzapp.exe
.
c:\windows\SysWow64\Drivers\atapi.sys . . . is geïnfecteerd!!
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-02-04 to 2013-03-04 ))))))))))))))))))))))))))))))
.
.
2013-03-03 12:46 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61A597C2-50C3-43E7-AB94-8F4D2A693A32}\mpengine.dll
2013-03-01 12:26 . 2013-03-01 12:26 -------- d-----w- c:\users\pc\AppData\Roaming\Malwarebytes
2013-03-01 12:26 . 2013-03-01 12:26 -------- d-----w- c:\programdata\Malwarebytes
2013-03-01 12:26 . 2013-03-01 12:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-01 12:26 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-28 19:48 . 2013-02-28 19:48 388096 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-28 19:48 . 2013-02-28 19:48 -------- d-----w- c:\program files (x86)\Trend Micro
2013-02-26 18:27 . 2013-02-26 18:28 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-26 18:27 . 2013-02-26 18:28 -------- d-----w- c:\program files\iTunes
2013-02-26 18:27 . 2013-02-26 18:28 -------- d-----w- c:\program files (x86)\iTunes
2013-02-26 18:27 . 2013-02-26 18:27 -------- d-----w- c:\program files\iPod
2013-02-24 19:53 . 2013-02-24 19:53 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-13 19:01 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 19:01 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 19:01 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 18:59 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 18:59 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 18:52 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 18:52 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 18:52 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 18:52 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 18:52 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 18:52 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 18:52 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 18:52 . 2012-12-26 05:47 1111040 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 18:52 . 2012-12-26 04:49 760320 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-04 19:06 . 2013-02-04 19:06 -------- d-----w- c:\programdata\Trusteer
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-28 20:36 . 2012-03-29 18:16 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-28 20:36 . 2011-11-16 19:32 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-13 20:44 . 2011-05-10 18:21 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2011-05-10 13:01 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 18:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-18 09:06 . 2013-01-04 19:05 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-12-18 09:06 . 2012-12-18 09:06 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-12-18 09:06 . 2012-12-18 09:06 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-12-18 09:06 . 2012-12-18 09:06 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-12-18 09:06 . 2012-12-18 09:06 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-12-18 09:06 . 2012-12-18 09:06 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-12-18 09:06 . 2012-12-18 09:06 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-12-18 09:06 . 2012-12-18 09:06 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-12-18 09:06 . 2012-12-18 09:06 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-12-18 09:06 . 2012-12-18 09:06 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-12-18 09:06 . 2012-12-18 09:06 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-12-18 09:06 . 2012-12-18 09:06 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-12-18 09:06 . 2012-12-18 09:06 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-12-18 09:06 . 2012-12-18 09:06 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-12-18 09:06 . 2012-12-18 09:06 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-12-18 09:06 . 2012-12-18 09:06 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-12-18 09:06 . 2012-12-18 09:06 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-12-18 09:06 . 2012-12-18 09:06 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-12-18 09:06 . 2012-12-18 09:06 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-12-16 17:11 . 2012-12-21 21:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 21:03 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 21:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 21:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 19:16 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 19:16 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 19:16 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 19:16 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 19:16 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 19:16 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 19:16 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 19:16 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 19:16 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 19:16 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 19:16 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 19:16 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 19:16 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 19:16 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 19:16 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 19:16 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 19:16 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 19:16 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 19:16 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 19:16 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 19:16 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 19:16 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 19:16 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 19:16 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 19:16 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 19:16 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 19:16 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 19:16 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 19:16 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 19:16 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 19:16 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 19:16 55296 ----a-w- c:\windows\SysWow64\cero.rs
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-01 19:05 129624 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2012-09-10 436728]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-29 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe" [2010-10-01 348760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys [2012-02-26 897792]
R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-14 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 85048]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys [2009-12-14 66104]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 27152]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-08-29 289280]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-26 19:07 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 20:36]
.
2013-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 11:30]
.
2013-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 11:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2012-11-20 14:09 215896 ----a-w- c:\program files\IB Updater\Extension64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2010-10-01 19:06 170584 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ShellEx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Toevoegen aan Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-TNT Post Fotoservice - c:\program files (x86)\TNT Post Fotoservice\TNT Post Fotoservice\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-03-04 20:35:53
ComboFix-quarantined-files.txt 2013-03-04 19:35
.
Pre-Run: 136.841.162.752 bytes beschikbaar
Post-Run: 136.700.067.840 bytes beschikbaar
.
- - End Of File - - 4B4EA890D2B90372D23C9C5851590863
-
Mijn laptop loopt nu niet meer vast, maar Facebook wordt nu vertraagd opgestart.
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:56:24, on 3-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Internetadressen c&ontrole - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12445 bytes
-
Hierbij een nieuw logje van HijackTh en MBAM:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:40:01, on 1-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Internetadressen c&ontrole - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12675 bytes
Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100
Malwarebytes : Free anti-malware download
Databaseversie: v2013.03.01.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
pc :: PC-PC [administrator]
Bescherming: Ingeschakeld
1-3-2013 13:27:15
mbam-log-2013-03-01 (13-27-15).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 212292
Verstreken tijd: 5 minuut/minuten, 49 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
-
Via de link heb ik hopelijk alle rapportmappen verwijderd! Bedankt voor uw hulp!
Mijn probleem is nog niet opgelost, Facebook wordt heel langzaam geopend. Wilt u svp controleren of mailware of virussen de oorzaak zijn van mijn probleem?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:52, on 28-2-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediMail.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- Kaspersky Lab UK :: Renew your antivirus software now! | Kaspersky Lab
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Internetadressen c&ontrole - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12613 bytes
-
Hoe kan ik nu zien of Trusteer Rapport echt verwijderd is van mijn computer?
-
Ik had Trusteer Rapport geïnstalleerd op mijn computer en sindsdien ging het fout met Facebook. Nu heb ik Trusteer Rapport verwijderd en kan weer zonder problemen op Facebook komen. Kan het zijn dat Trusteer Rapport de boosdoener was?
Alvast bedankt voor uw hulp
Facebook loopt vast bij opstarten
in Archief Internet & Netwerk
Geplaatst: