Lipo

Member
  • Items: 15
Lipo's achievements

  1. Hello, The problem appears to have resolved itself after a restart. Many thanks for the help, and should there be another problem you will hear from me. Regards, Lipo
  2. The speed has improved considerably, but I regularly get a warning about a malicious website, both from avast and from Malwarebytes Anti-Malware, mostly in Microsoft Edge. Regards, Lipo
  3. Hello, I have just run AdwCleaner and attached you will find the log file. Regards, Lipo AdwCleanerC1.txt
  4. zoek-results.txt Hello, I have just installed the latest version of Java and then ran zoek.exe with the code. The log file is attached as requested. Regards, Lipo
  5. Hello, I think I have some kind of virus on my PC; it starts up extremely slowly and sometimes reacts strangely. Below is my RSIT log.
C:\WINDOWS\SYSWOW64\atmfd.dll 2015-09-09 10:30:32 ----A---- C:\WINDOWS\system32\Windows.UI.PicturePassword.dll 2015-09-09 10:30:32 ----A---- C:\WINDOWS\system32\win32kbase.sys 2015-09-09 10:30:32 ----A---- C:\WINDOWS\system32\shacct.dll 2015-09-09 10:30:32 ----A---- C:\WINDOWS\system32\atmfd.dll 2015-09-09 10:30:31 ----A---- C:\WINDOWS\system32\acmigration.dll 2015-09-09 10:30:30 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll 2015-09-09 10:30:30 ----A---- C:\WINDOWS\system32\atmlib.dll 2015-09-02 15:09:31 ----A---- C:\WINDOWS\system32\shell32.dll 2015-09-02 15:09:13 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll 2015-09-02 15:09:10 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-02 15:09:09 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-09-02 15:09:09 ----A---- C:\WINDOWS\system32\LicenseManager.dll 2015-09-02 15:09:08 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll 2015-09-02 15:09:08 ----A---- C:\WINDOWS\system32\dwmcore.dll 2015-09-02 15:09:07 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll 2015-09-02 15:09:07 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll 2015-09-02 15:09:07 ----A---- C:\WINDOWS\system32\wuaueng.dll 2015-09-02 15:09:07 ----A---- C:\WINDOWS\system32\NetSetupShim.dll 2015-09-02 15:09:07 ----A---- C:\WINDOWS\system32\modernexecserver.dll 2015-09-02 15:09:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2015-09-02 15:09:05 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll 2015-09-02 15:09:05 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll 2015-09-02 15:09:05 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll 2015-09-02 15:09:05 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS 2015-09-02 15:09:05 ----A---- C:\WINDOWS\system32\ci.dll 2015-09-02 15:09:05 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\wlansvc.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\wfdprov.dll 2015-09-02 15:09:04 ----A---- 
C:\WINDOWS\system32\wcnwiz.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\WcnNetsh.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\reseteng.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\InstallAgent.exe 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-09-02 15:09:04 ----A---- C:\WINDOWS\system32\aitstatic.exe 2015-09-02 15:09:03 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\SYSWOW64\fdWCN.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\WcnApi.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\vaultsvc.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\fdWCN.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\dafWCN.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-09-02 15:09:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-09-02 14:38:02 ----D---- C:\ProgramData\ATI 2015-08-30 16:39:37 ----D---- C:\Program Files\ATI Technologies 2015-08-30 16:34:49 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\system32\mantleaxl64.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\system32\mantle64.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\system32\detoured.dll 2015-08-30 16:34:49 ----A---- C:\WINDOWS\system32\clinfo.exe 2015-08-30 16:34:48 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll 2015-08-30 16:34:48 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll 2015-08-30 16:34:48 
----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll 2015-08-30 16:34:48 ----A---- C:\WINDOWS\system32\atiumd6a.dll 2015-08-30 16:34:47 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll 2015-08-30 16:34:47 ----A---- C:\WINDOWS\system32\atiumd64.dll 2015-08-30 16:34:47 ----A---- C:\WINDOWS\system32\atiu9p64.dll 2015-08-30 16:34:47 ----A---- C:\WINDOWS\system32\atitmm64.dll 2015-08-30 16:34:46 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll 2015-08-30 16:34:46 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll 2015-08-30 16:34:46 ----A---- C:\WINDOWS\system32\ATIODE.exe 2015-08-30 16:34:46 ----A---- C:\WINDOWS\system32\ATIODCLI.exe 2015-08-30 16:34:46 ----A---- C:\WINDOWS\system32\atio6axx.dll 2015-08-30 16:34:46 ----A---- C:\WINDOWS\system32\atimuixx.dll 2015-08-30 16:34:46 ----A---- C:\WINDOWS\system32\atimpc64.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe 2015-08-30 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atiglpxx.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atig6txx.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atig6pxx.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atieah64.exe 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atidemgy.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\aticalrt64.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll 
2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\amdocl_ld32.exe 2015-08-30 16:34:40 ----A---- C:\WINDOWS\SYSWOW64\amdocl_as32.exe 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\OpenCL.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\aticaldd64.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\aticalcl64.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\atiapfxx.exe 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\atiadlxx.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\amdxc64.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\amdpcom64.dll 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\amdocl_ld64.exe 2015-08-30 16:34:40 ----A---- C:\WINDOWS\system32\amdocl_as64.exe 2015-08-30 16:34:39 ----A---- C:\WINDOWS\system32\amdocl64.dll 2015-08-30 16:34:39 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\system32\amdmmcl6.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\system32\amdmiracast.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\system32\amdmantle64.dll 2015-08-30 16:34:38 ----A---- C:\WINDOWS\system32\amdhdl64.dll 2015-08-30 16:34:37 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll 2015-08-30 16:34:37 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll ======List of files/folders modified in the last 1 month====== 2015-09-29 17:22:18 ----RD---- C:\Program Files 2015-09-29 17:22:09 ----D---- C:\WINDOWS\Temp 2015-09-29 17:18:31 ----D---- C:\WINDOWS\System32 2015-09-29 17:12:02 ----D---- C:\WINDOWS\system32\sru 2015-09-29 17:11:14 ----D---- C:\WINDOWS\Prefetch 2015-09-29 16:24:51 ----HD---- C:\Program Files\WindowsApps 2015-09-29 
16:23:42 ----D---- C:\WINDOWS\system32\drivers 2015-09-29 16:15:37 ----D---- C:\WINDOWS\AppReadiness 2015-09-28 17:52:05 ----D---- C:\WINDOWS\SchCache 2015-09-28 17:51:58 ----RD---- C:\Program Files (x86) 2015-09-28 17:51:57 ----D---- C:\ProgramData\QuickSet 2015-09-28 17:51:54 ----D---- C:\WINDOWS\system32\Tasks 2015-09-28 17:51:54 ----D---- C:\Program Files (x86)\FrostWire 5 2015-09-28 17:12:30 ----HD---- C:\ProgramData 2015-09-28 16:51:21 ----D---- C:\Windows 2015-09-28 16:47:08 ----SHD---- C:\System Volume Information 2015-09-28 16:23:36 ----D---- C:\WINDOWS\system32\drivers\etc 2015-09-28 16:21:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2015-09-28 15:55:40 ----SD---- C:\Users\veerle\AppData\Roaming\Microsoft 2015-09-28 15:55:07 ----D---- C:\WINDOWS\system32\config 2015-09-27 11:35:57 ----D---- C:\WINDOWS\system32\DriverStore 2015-09-27 11:35:54 ----D---- C:\WINDOWS\INF 2015-09-27 11:35:08 ----D---- C:\WINDOWS\WinSxS 2015-09-27 11:16:08 ----DC---- C:\WINDOWS\Panther 2015-09-27 11:16:07 ----D---- C:\WINDOWS\Minidump 2015-09-27 11:16:07 ----D---- C:\WINDOWS\Logs 2015-09-27 11:16:07 ----D---- C:\WINDOWS\debug 2015-09-26 23:38:29 ----D---- C:\WINDOWS\rescache 2015-09-26 21:20:01 ----D---- C:\WINDOWS\Microsoft.NET 2015-09-26 21:10:25 ----D---- C:\WINDOWS\CbsTemp 2015-09-26 21:10:18 ----D---- C:\WINDOWS\SysWOW64 2015-09-25 10:55:48 ----D---- C:\WINDOWS\pss 2015-09-25 09:42:56 ----SHD---- C:\WINDOWS\Installer 2015-09-21 10:41:04 ----SHD---- C:\Config.Msi 2015-09-21 10:36:06 ----D---- C:\WINDOWS\Tasks 2015-09-21 09:37:17 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll 2015-09-21 09:37:17 ----A---- C:\WINDOWS\system32\dnsapi.dll 2015-09-17 16:26:34 ----RD---- C:\WINDOWS\assembly 2015-09-16 21:36:02 ----D---- C:\ProgramData\SoftwareDistribution 2015-09-16 18:57:28 ----D---- C:\WINDOWS\system32\WinBioPlugIns 2015-09-16 18:57:28 ----D---- C:\WINDOWS\system32\oobe 2015-09-16 18:57:28 ----D---- C:\WINDOWS\system32\drivers\UMDF 2015-09-16 18:57:28 ----D---- 
C:\WINDOWS\system32\appraiser 2015-09-16 18:57:24 ----RD---- C:\WINDOWS\DevicesFlow 2015-09-16 18:57:24 ----D---- C:\WINDOWS\AppPatch 2015-09-16 18:57:24 ----D---- C:\Program Files\Windows Journal 2015-09-15 18:12:10 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe 2015-09-14 07:50:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2015-09-13 16:13:07 ----D---- C:\ProgramData\Microsoft Help 2015-09-13 16:06:20 ----D---- C:\WINDOWS\system32\MRT 2015-09-09 10:24:38 ----D---- C:\WINDOWS\system32\catroot2 2015-09-02 14:43:39 ----D---- C:\ProgramData\CanonIJPLM 2015-08-30 16:38:23 ----D---- C:\Program Files (x86)\ATI Technologies 2015-08-30 16:38:02 ----D---- C:\ProgramData\Package Cache 2015-08-30 16:34:49 ----A---- C:\WINDOWS\system32\coinst_15.20.dll 2015-08-30 16:34:48 ----A---- C:\WINDOWS\system32\atiuxp64.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atiesrxx.exe 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atieclxx.exe 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\atidxx64.dll 2015-08-30 16:34:41 ----A---- C:\WINDOWS\system32\aticfx64.dll 2015-08-30 16:32:53 ----D---- C:\AMD ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-26 65224] R0 aswVmm;avast! 
VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-26 274808] R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-09-26 93528] R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-26 1049880] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-26 448968] R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968] R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192] R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2011-12-18 22648] R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2011-12-18 20520] R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2011-12-18 62776] R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616] R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-26 28656] R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-26 90968] R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-09-26 153744] R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128] R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952] R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-08-30 21632992] R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-08-30 675296] R3 AtiHDAudioService;@oem39.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912] R3 b57xdbd;@oem17.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2011-01-21 67624] R3 b57xdmp;@oem17.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; 
C:\WINDOWS\System32\drivers\b57xdmp.sys [2011-01-21 19496] R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Stuurprogramma voor Broadcom 802.11 netwerkadapter; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2015-07-10 7593176] R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2011-04-13 51240] R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2011-01-14 85544] R3 DSI_SiUSBXp_3_1;DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [2007-09-06 16384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320] R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2015-07-10 425984] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-09-29 113880] R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216] R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-08-07 175104] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432] R3 SynTP;@oem42.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-08-07 606376] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408] S0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2011-06-17 79488] S0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2011-06-17 40064] S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800] S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168] S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208] S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720] S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal 
Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288] S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256] S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736] S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232] S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992] S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016] S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800] S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624] S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376] S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112] S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-08-07 934752] S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952] S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-08-07 46080] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128] R2 AMD 
External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-08-30 256992] R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-03 344064] R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-26 146600] R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-15 352336] R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552] R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2015-09-28 127752] R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880] R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-08-07 26112] R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848] R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832] R2 OneSyncSvc_Session1;Host synchroniseren_Session1; 
C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928] R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-08-07 237736] R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] R3 PimIndexMaintenanceSvc_Session1;Contact Data_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200] S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848] S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S2 
SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17 268976] S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352] S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136] S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424] S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-02 655624] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696] S3 
GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-07-21 209952] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-11 194032] S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104] S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344] S3 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856] S3 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408] S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-08-07 1031680] S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S3 ServiceLayer;ServiceLayer; 
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616] S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856] S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [] -----------------EOF-----------------
  6. Hello, the SP1 update and the security update for Microsoft Silverlight cannot be installed!
  7. Nothing found again.
      Emsisoft Emergency Kit - Versie 4.0
      Laatste Update: 3/08/2013 20:54:42
      Gebruikersaccount: dee-PC\dee
      Scaninstellingen:
      Scanmodus: Diepe scan
      Objecten: Rootkits, Geheugen, Sporen, C:\, D:\
      Detecteer riskware: Uit
      Scan archieven: Aan
      ADS Scan: Aan
      Bestandsextensiefilter: Uit
      Geavanceerde cache: Aan
      Directe schijftoegang: Uit
      Scan gestart: 3/08/2013 20:57:06
      Gescand 438566
      Gevonden 0
      Scan geëindigd: 3/08/2013 22:21:14
      Scantijd: 1:24:08
  8. Hello, I ran the online scan but there was nothing in the log file. However, the following was shown under the scan results:
      C:\Users\dee\Downloads\Lipo\Spybot Search & Destroy.exe MSIL/Solimba.Z application cleaned by deleting - quarantined
      C:\Windows\reset.exe Win32/RiskWare.HackAV.EG application cleaned by deleting - quarantined
  9. The PC is still slow and installing Windows updates still does not work either. It no longer freezes, though!
  10. Here I am again!
  11. It finally worked after all!
Files\\Java\\Java Update\\jusched.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [01/08/2013 10:33] C:\Windows\tasks\WinUtilities_DiskDefrag_D81CDF27E9284404.job --a------ C:\Program Files\WinUtilities\ToolDiskDefrag.exe [12/07/2011 13:08] C:\Windows\tasks\WinUtilities_Disk_Cleaner_D81CDF27E9284401.job --a------ C:\Program Files\WinUtilities\ToolDiskCleaner.exe [12/07/2011 13:08] C:\Windows\tasks\WinUtilities_History_Cleaner_D81CDF27E9284403.job --a------ C:\Program Files\WinUtilities\ToolHistoryCleaner.exe [12/07/2011 13:08] C:\Windows\tasks\WinUtilities_Registry_Cleaner_D81CDF27E9284402.job --a------ C:\Program Files\WinUtilities\ToolRegistryCleaner.exe [12/07/2011 13:08] ==== Firefox Extensions ====================== ProfilePath: C:\Users\dee\AppData\Roaming\Mozilla\Firefox\Profiles\y36xju8y.default - Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\dee\AppData\Roaming\Mozilla\Firefox\Profiles\y36xju8y.default 28D2C5CE5944E1B027CF5C8004CF89A1 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat E32284306F65565C54713D35428FD31C - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Multimedia Plug-in 0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? 
Photo Gallery E7CB7BDAED66218BD74FEEC7F5DF6D89 - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll - Silverlight Plug-In 7B000D95ABFE622F17709D36AF44FBD3 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java Platform SE 6 U35 6CD3A99DCEDE9C2D7D3BFBF6D4902F5F - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 6.0.350.10 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash A7EA0D2D216EFC2D017FBCBAA75771E7 - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrlui.dll - Microsoft ® Silverlight 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== Nothing found to reset ==== HijackThis Entries ====================== C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower 
Management\ePowerTray.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Eset Trial Reset 
(.EsetTrialReset) - Unknown owner - C:\Windows\reset.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe ==== Empty IE Cache ====================== C:\Users\dee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\dee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\dee\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache 
====================== C:\users\dee\AppData\Local\Mozilla\Firefox\Profiles\y36xju8y.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\dee\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\dee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\dee\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on za 03/08/2013 at 10:25:38,79 ======================
  12. Here I am again with my log file.
  13. Hello, here is my new log:
  14. Hello, As requested, I ran ComboFix and posted the log: ComboFix 13-08-01.01 - dee 02/08/2013 17:26:13.1.2 - x86 Microsoft Windows 7 Starter 6.1.7600.0.1252.32.1043.18.1013.297 [GMT 2:00] Gestart vanuit: c:\users\dee\Desktop\ComboFix.exe AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: ESET Personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe c:\windows\system32\kgen.dll c:\windows\system32\roboot.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2013-07-02 to 2013-08-02 )))))))))))))))))))))))))))))) . . 2013-08-02 15:44 . 2013-08-02 15:44 -------- d-----w- c:\users\Gast\AppData\Local\temp 2013-08-02 15:44 . 2013-08-02 15:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-02 13:20 . 2013-08-02 13:20 -------- d-----w- c:\users\dee\AppData\Roaming\Systweak 2013-08-02 13:19 . 2013-08-02 13:19 -------- d-----w- c:\program files\RegClean Pro 2013-08-02 12:25 . 2013-08-02 15:23 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD3C3316-A746-4734-9209-BB2451B69AEA}\offreg.dll 2013-08-02 11:59 . 2013-07-15 01:34 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD3C3316-A746-4734-9209-BB2451B69AEA}\mpengine.dll 2013-08-01 14:28 . 2013-08-01 14:28 -------- d-----w- c:\windows\system32\searchplugins 2013-08-01 14:28 . 2013-08-01 14:28 -------- d-----w- c:\windows\system32\Extensions 2013-08-01 14:18 . 2013-08-01 14:18 -------- d-----w- c:\users\dee\AppData\Roaming\QuickScan 2013-08-01 13:48 . 2013-08-01 13:48 -------- d-----w- c:\programdata\Babylon 2013-08-01 13:47 . 
2013-08-01 13:47 -------- d-----w- c:\users\dee\AppData\Roaming\Babylon 2013-08-01 13:47 . 2013-08-01 13:48 -------- d-----w- c:\program files\YourFileDownloader 2013-08-01 13:47 . 2013-08-01 13:47 -------- d-----w- c:\users\dee\AppData\Roaming\YourFileDownloader 2013-08-01 13:24 . 2013-08-01 13:24 -------- d-----w- c:\users\dee\AppData\Roaming\DriverCure 2013-08-01 13:24 . 2013-08-01 13:24 -------- d-----w- c:\users\dee\AppData\Roaming\SpeedyPC Software 2013-08-01 13:22 . 2013-08-01 14:25 -------- d-----w- c:\programdata\SpeedyPC Software 2013-08-01 13:22 . 2013-08-01 13:22 -------- d-----w- c:\program files\SpeedyPC Software 2013-08-01 09:08 . 2013-08-01 09:08 -------- d-----w- c:\users\dee\AppData\Local\Macromedia 2013-08-01 08:22 . 2013-08-01 08:28 -------- d-----w- c:\windows\system32\MRT 2013-08-01 07:45 . 2013-08-01 08:10 -------- d-----w- c:\program files\AppCleaner 2013-07-31 19:02 . 2013-08-01 08:32 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-31 16:35 . 2013-01-04 04:55 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-07-31 16:35 . 2013-01-04 04:55 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-07-31 16:18 . 2013-07-31 18:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2013-07-31 16:18 . 2013-07-31 16:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-01 08:32 . 2011-08-29 10:36 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-07-31 12:00 . 2011-08-30 16:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-09-04 20:05 . 2011-08-30 14:55 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files\Launch Manager\LManager.exe" [2010-08-10 975952] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-08-03 9398888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-16 173592] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-04-13 548744] "iSyncData"="c:\program files\Acer\Android Manager\iSync.exe" [2010-01-08 407416] "AndroidManager"="c:\program files\Acer\Android Manager\AML.exe" [2010-01-08 508280] "iPatchData"="c:\program files\Acer\Updater\iUpdate.exe" [2010-07-21 492096] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 715296] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-03-19 2029640] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2010-06-16 14:33 141848 ----a-w- c:\windows\System32\igfxtray.exe . 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background "Facebook Update"="c:\users\dee\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Persistence"=c:\windows\system32\igfxpers.exe "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . R2 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe [2009-03-20 357182] R3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.SYS [2010-06-17 82768] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2010-08-10 321104] S2 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-03-19 107256] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-03-19 731840] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-03-19 38240] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 735776] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 109960] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208] S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-05-31 6766080] . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc . Inhoud van de 'Gedeelde Taken' map . 2013-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-31 08:33] . 2013-08-02 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files\RegClean Pro\RegCleanPro.exe [2013-08-02 11:49] . 2013-08-02 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files\RegClean Pro\RegCleanPro.exe [2013-08-02 11:49] . 2011-08-31 c:\windows\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404.job - c:\program files\WinUtilities\ToolDiskDefrag.exe [2011-07-12 11:08] . 2013-08-02 c:\windows\Tasks\WinUtilities_Disk_Cleaner_D81CDF27E9284401.job - c:\program files\WinUtilities\ToolDiskCleaner.exe [2011-07-12 11:08] . 2011-08-31 c:\windows\Tasks\WinUtilities_History_Cleaner_D81CDF27E9284403.job - c:\program files\WinUtilities\ToolHistoryCleaner.exe [2011-07-12 11:08] . 2011-08-31 c:\windows\Tasks\WinUtilities_Registry_Cleaner_D81CDF27E9284402.job - c:\program files\WinUtilities\ToolRegistryCleaner.exe [2011-07-12 11:08] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.be/ mStart Page = hxxp://acer.msn.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\users\dee\AppData\Roaming\Mozilla\Firefox\Profiles\y36xju8y.default\ FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-08-01 16:18; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\dee\AppData\Roaming\Mozilla\Firefox\Profiles\y36xju8y.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - f48227d00000000000000026c7a8ed5d FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15918 FF - user.js: extensions.delta.vrsn - 1.8.22.0 FF - user.js: extensions.delta.vrsni - 1.8.22.0 FF - user.js: extensions.delta.vrsnTs - 1.8.22.015:49 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - nl FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=120007&tsp=4961 FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . 
[HKEY_USERS\S-1-5-21-654476947-4229177989-2169792694-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-654476947-4229177989-2169792694-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-08-02 17:50:27 ComboFix-quarantined-files.txt 2013-08-02 15:50 . Pre-Run: 194.715.144.192 bytes beschikbaar Post-Run: 194.434.674.688 bytes beschikbaar . - - End Of File - - 3D7D2F9449E401077222E051566FA199 A36C5E4F47E84449FF07ED3517B43A31
  15. Hello, my niece's PC is running terribly and Windows Update doesn't work either; I'd appreciate some advice. Thanks in advance. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 14:29:32, on 2/08/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) FIREFOX: 6.0.1 (nl) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\YourFileDownloader\YourFileUpdater.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Acer\Android Manager\iSync.exe C:\Program Files\Acer\Updater\iUpdate.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Launch Manager\LMworker.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wuauclt.exe C:\Windows\helppane.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe C:\Users\dee\Desktop\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe O4 - HKLM\..\Run: 
[iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} 
(MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Eset Trial Reset (.EsetTrialReset) - Unknown owner - C:\Windows\reset.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- End of file - 7446 bytes