Everything posted by jonati

  1. What do I do with the Registry entries (it appeared on my desktop)? I can't find Qoobox; AdwCleaner had already been removed, I think.
  2. ComboFix 12-10-26.05 - Danny 27/10/2012 19:16:40.19.4 - x64
  3. Firefox is running a good deal faster; latest log from AdwCleaner: # AdwCleaner v2.005 - Logfile created 10/27/2012 at 17:45:38
  4. I just discovered that it goes much faster via IE! The scan did not go the way you described: not as administrator, since the menu opened immediately, and the PC did not restart! # AdwCleaner v2.005 - Logfile created 10/27/2012 at 17:10:03
  5. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:12:05, on 27/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files 
(x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - 
C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - 
Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - 
Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8316 bytes Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.10.24.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Danny :: DANNY-PC [administrator] 27/10/2012 15:18:29 mbam-log-2012-10-27 (15-18-29).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 213031 Verstreken tijd: 29 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  6. Computer very slow, it seems too much was deleted (file missing) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:47:21, on 27/10/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediBar.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - {656461ef-40f6-4115-9ff1-bced9812ccbb} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - 
C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: 
{F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - 
C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8553 bytes
  7. It doesn't work; apparently the previous version was also a trial, or whatever, I give up....
  8. Yes, it's in the list, but I only just downloaded it; it should be a 64-bit one, shouldn't it (or not?)!
  9. This is what I always get...., but which ones are those 32-bit ones (I have e.g. PowerPoint Viewer, beyond that I don't know...)
  10. There are 32-bit Office products present, .....
  11. Hi, I uninstalled a trial version of Microsoft Office 2010! But I would like to put it back! I can't get a new one, because supposedly I still own one that hasn't expired! How can I find it again, as well as the key code? Regards, Jonati
  12. http://speccy.piriform.com/results/VdsHuDnBaI6ADwFpaX2SBsm
  13. It's noticeably faster, but it still stutters when switching to other sites! Would it help to increase the internal memory from 2 to 4 GB?
  14. Here is this one for now; ComboFix 12-07-29.02 - Danny 29/07/2012 21:44:40.17.4 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.1791.664 [GMT 2:00] Gestart vanuit: c:\users\Danny\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Danny\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-28 to 2012-07-29 )))))))))))))))))))))))))))))) . . 2012-07-29 19:58 . 2012-07-29 19:58 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-07-29 19:58 . 2012-07-29 19:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-29 19:58 . 2012-07-29 19:58 -------- d-----w- c:\users\AppData\AppData\Local\temp 2012-07-27 15:03 . 2012-07-27 15:03 388096 ----a-r- c:\users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-07-19 20:37 . 2012-07-19 20:37 -------- d-----w- c:\program files\Windows Live 2012-07-19 20:25 . 2012-07-19 20:25 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ae829f571cd65ec13\bingbarsetup.exe 2012-07-19 20:21 . 2012-07-28 10:19 -------- d-----w- c:\users\Danny\AppData\Local\Windows Live 2012-07-10 13:53 . 2012-07-10 13:53 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-07-10 13:53 . 2012-07-10 13:53 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-26 20:32 . 2012-04-08 06:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-26 20:32 . 2011-05-30 06:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-19 20:36 . 
2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-07-03 11:46 . 2010-02-20 19:21 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((( SnapShot_2012-07-29_12.58.22 ))))))))))))))))))))))))))))))))))))))))) . + 2010-02-14 22:54 . 2012-07-29 20:01 72904 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2012-07-29 12:59 34914 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-29 19:32 34914 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-02-14 22:54 . 2012-07-29 19:32 20664 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1434075484-1833317394-3949034151-1001_UserData.bin + 2012-07-29 19:53 . 2012-07-29 19:53 74240 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\3115f30a0c680514e1dc6133ac911dad\Microsoft.SqlServer.SqlCEDest.ni.dll - 2012-07-29 12:57 . 2012-07-29 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-29 19:59 . 2012-07-29 19:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-29 12:57 . 2012-07-29 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-07-29 19:59 . 2012-07-29 19:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-07-29 12:56 486376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-07-29 19:58 486376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-02-12 16:18 . 2012-07-29 12:56 4272728 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1434075484-1833317394-3949034151-1001-8192.dat + 2011-02-12 16:18 . 2012-07-29 19:58 4272728 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1434075484-1833317394-3949034151-1001-8192.dat . 
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 250056] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 16776] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 9096] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-22 1030600] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-29 113120] R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x64.sys [2009-06-26 32768] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] R3 V0330VID;WebCam Vista/Live! 
Cam Chat VF0330;c:\windows\system32\DRIVERS\V0330Vid.sys [2009-07-03 193408] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] R4 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 136176] R4 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 136176] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744] R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 313696] R4 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 428384] R4 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-07-08 239648] S3 
AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488] . . Inhoud van de 'Gedeelde Taken' map . 2012-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:32] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 08:01] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 08:01] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434075484-1833317394-3949034151-1001Core.job - c:\users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 20:13] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434075484-1833317394-3949034151-1001UA.job - c:\users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 20:13] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240] . ------- Bijkomende Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = localhost uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.gva.be/ontspanning/wedstrijden/ . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe c:\program files (x86)\Mozilla Firefox\firefox.exe . ************************************************************************** . Voltooingstijd: 2012-07-29 22:09:58 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-29 20:09 ComboFix2.txt 2012-07-29 13:07 ComboFix3.txt 2012-03-17 11:32 ComboFix4.txt 2012-03-05 15:39 ComboFix5.txt 2012-07-29 19:41 . Pre-Run: 97.555.124.224 bytes free Post-Run: 97.213.927.424 bytes beschikbaar . - - End Of File - - 9613A2C9789EEA32BC93A97BBC187A17 -------------------------------------------------------------------------------
MAYBE I FORGOT SOMETHING, NO??????
# AdwCleaner v1.703 - Logfile created 07/29/2012 at 22:20:51 # Updated 20/07/2012 by Xplode # Operating system : Windows 7 Ultimate (64 bits) # User : Danny - DANNY-PC # Running from : C:\Users\Danny\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Users\Danny\AppData\Local\Conduit Deleted on reboot : C:\Users\Danny\AppData\Local\ConduitEngine Deleted on reboot : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc Deleted on reboot : C:\Users\Danny\AppData\LocalLow\BabylonToolbar Deleted on reboot : C:\Users\Danny\AppData\LocalLow\Conduit Deleted on reboot : C:\Users\Danny\AppData\LocalLow\PriceGong Deleted on reboot : C:\Users\Danny\AppData\LocalLow\ShoppingReport2 Deleted on reboot : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\ConduitEngine Deleted on reboot : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\extensions\engine@conduit.com Deleted on reboot : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\extensions\ffxtlbr@incredibar.com Deleted on reboot : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\extensions\plugin@yontoo.com Deleted on reboot : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\extensions\vshare@toolbar Deleted on reboot : C:\ProgramData\InstallMate Deleted on reboot : C:\ProgramData\Tarma Installer Deleted on reboot : C:\Program Files (x86)\Yontoo File Deleted : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\searchplugins\Conduit.xml File Deleted : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\searchplugins\MyStart Search.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559 [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2535304 [*] 
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2603445 [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2849859 Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport2 Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\SweetIm Key Deleted : HKCU\Toolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Deleted : HKLM\SOFTWARE\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Software Key Deleted : HKLM\SOFTWARE\SweetIM [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key 
Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet 
Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F48DA960-0FD9-4BB5-9826-C0C271C6C74D} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v14.0.1 (nl) Profile name : default File : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\prefs.js C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultenginename", "MyStart Search"); Deleted : user_pref("extensions.4f807aad67e79.scode", "(function(){try{if('mystart.incredibar.com,premiumrepor[...] 
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 11); Deleted : user_pref("extensions.BabylonToolbar.cntry", "BE"); Deleted : user_pref("extensions.BabylonToolbar.firstRun", false); Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "C503D364723446057FC42E44A38312FB"); Deleted : user_pref("extensions.BabylonToolbar.id", "8e7d8b0b34e948e5a2b79e915e8db072"); Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15153"); Deleted : user_pref("extensions.BabylonToolbar.lastActv", "11"); Deleted : user_pref("extensions.BabylonToolbar.lastDP", 11); Deleted : user_pref("extensions.BabylonToolbar.lastVrsn", "1.4.23.10"); Deleted : user_pref("extensions.BabylonToolbar.newTab", true); Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb"); Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 59565672); Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true); Deleted : user_pref("extensions.BabylonToolbar.sid", "8e7d8b0b34e948e5a2b79e915e8db072"); -\\ Google Chrome v17.0.963.79 File : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "icon_url": "hxxp://mystart.incredibar.com/mb139/favicon.ico", Deleted : "keyword": "mystart.incredibar.com/mb139", Deleted : "name": "MyStart Search", Deleted : "search_url": "hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8pjRdy0[...] Deleted : "homepage": "hxxp://mystart.incredibar.com/mb139?a=6R8pjRdy0d&i=26", ************************* AdwCleaner[s1].txt - [9673 octets] - [29/07/2012 22:20:51] ########## EOF - C:\AdwCleaner[s1].txt - [9801 octets] ##########
  15. ComboFix 12-07-29.02 - Danny 29/07/2012 14:42:00.16.4 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.1791.739 [GMT 2:00] Gestart vanuit: c:\users\Danny\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-06-28 to 2012-07-29 )))))))))))))))))))))))))))))) . . 2012-07-29 12:55 . 2012-07-29 12:55 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-07-29 12:55 . 2012-07-29 12:55 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-29 12:55 . 2012-07-29 12:55 -------- d-----w- c:\users\AppData\AppData\Local\temp 2012-07-27 15:03 . 2012-07-27 15:03 388096 ----a-r- c:\users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-07-19 20:37 . 2012-07-19 20:37 -------- d-----w- c:\program files\Windows Live 2012-07-19 20:25 . 2012-07-19 20:25 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ae829f571cd65ec13\bingbarsetup.exe 2012-07-19 20:21 . 2012-07-28 10:19 -------- d-----w- c:\users\Danny\AppData\Local\Windows Live 2012-07-10 13:53 . 2012-07-10 13:53 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-07-10 13:53 . 2012-07-10 13:53 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-26 20:32 . 2012-04-08 06:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-26 20:32 . 2011-05-30 06:34 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-19 20:36 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-07-03 11:46 . 
2010-02-20 19:21 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . ((((((((((((((((((((((((((((( SnapShot_2012-03-05_15.29.08 ))))))))))))))))))))))))))))))))))))))))) . + 2010-02-17 19:42 . 2010-02-17 19:42 51584 c:\windows\SysWOW64\VBAME.DLL + 2012-03-08 16:50 . 2012-03-08 16:50 49016 c:\windows\SysWOW64\sirenacm.dll + 2010-03-20 18:20 . 2010-03-20 18:20 36224 c:\windows\SysWOW64\FM20NLD.DLL + 2010-02-20 15:20 . 2010-02-20 15:20 31616 c:\windows\SysWOW64\FM20ENU.DLL - 2009-07-14 04:54 . 2012-03-05 15:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-07-26 20:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-07-26 20:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-03-05 15:06 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-03-05 15:06 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-26 20:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-02-14 22:54 . 2012-07-29 12:59 72762 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-29 12:59 34914 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-02-14 22:54 . 2012-07-29 12:59 20648 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1434075484-1833317394-3949034151-1001_UserData.bin + 2012-06-21 15:58 . 2010-03-29 18:30 60288 c:\windows\system32\spool\drivers\x64\SendToOneNoteUI.dll + 2009-07-14 05:30 . 2012-07-20 20:59 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 
2011-12-23 17:16 86016 c:\windows\system32\DriverStore\infpub.dat + 2011-05-13 01:21 . 2011-05-13 01:21 13288 c:\windows\system32\DriverStore\FileRepository\ssadsdm2.inf_amd64_neutral_9bb4b9312ba5263c\amd64\ssadcmnt.sys + 2011-05-13 01:21 . 2011-05-13 01:21 16872 c:\windows\system32\DriverStore\FileRepository\ssadmdm2.inf_amd64_neutral_3dfc8f4f4d2c1b34\amd64\ssadmdfl.sys + 2011-05-13 01:21 . 2011-05-13 01:21 13288 c:\windows\system32\DriverStore\FileRepository\ssadmdm2.inf_amd64_neutral_3dfc8f4f4d2c1b34\amd64\ssadcmnt.sys + 2011-05-13 01:21 . 2011-05-13 01:21 13800 c:\windows\system32\DriverStore\FileRepository\ssadbus.inf_amd64_neutral_d0d780fe82c4e8c4\amd64\ssadwhnt.sys + 2007-05-14 14:06 . 2007-05-14 14:06 27520 c:\windows\system32\DriverStore\FileRepository\rimusbnt.inf_amd64_neutral_0e62256bde3faf4b\RimUsb_AMD64.sys + 2011-05-13 01:21 . 2011-05-13 01:21 13800 c:\windows\system32\drivers\ssadwhnt.sys + 2011-05-13 01:21 . 2011-05-13 01:21 13800 c:\windows\system32\drivers\ssadwh.sys + 2011-05-13 01:21 . 2011-05-13 01:21 16872 c:\windows\system32\drivers\ssadmdfl.sys + 2011-05-13 01:21 . 2011-05-13 01:21 13288 c:\windows\system32\drivers\ssadcmnt.sys + 2011-05-13 01:21 . 2011-05-13 01:21 13288 c:\windows\system32\drivers\ssadcm.sys + 2007-05-14 14:06 . 2007-05-14 14:06 27520 c:\windows\system32\drivers\RimUsb_AMD64.sys + 2012-01-31 02:46 . 2012-01-31 02:46 36944 c:\windows\system32\drivers\avgrkx64.sys + 2011-12-23 11:32 . 2011-12-23 11:32 47696 c:\windows\system32\drivers\avgmfx64.sys + 2012-04-19 02:50 . 2012-04-19 02:50 28480 c:\windows\system32\drivers\avgidsha.sys + 2011-12-23 11:32 . 2011-12-23 11:32 29776 c:\windows\system32\drivers\avgidsfiltera.sys - 2010-02-14 22:42 . 2012-02-29 18:04 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-02-14 22:42 . 2012-07-26 20:32 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-02-14 22:42 . 
2012-07-26 20:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-02-14 22:42 . 2012-02-29 18:04 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-02-29 18:04 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-26 20:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2012-07-27 19:43 71944 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2012-07-19 20:21 . 2012-07-19 20:21 29696 c:\windows\Installer\5a795a.msp + 2012-07-19 20:21 . 2012-07-19 20:21 69120 c:\windows\Installer\5a7954.msi + 2012-07-19 20:26 . 2012-07-19 20:26 39936 c:\windows\Installer\5a77b6.msp + 2012-07-19 20:26 . 2012-07-19 20:26 74240 c:\windows\Installer\5a77b1.msi + 2012-07-19 20:23 . 2012-07-19 20:23 26112 c:\windows\Installer\5a77ad.msi + 2012-07-19 20:41 . 2012-07-19 20:41 80395 c:\windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe - 2010-06-23 09:48 . 2011-06-22 12:37 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2010-06-23 09:48 . 2012-04-02 18:34 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2010-09-22 22:17 . 2010-09-22 22:17 86376 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\startuplang.dll + 2010-09-22 22:32 . 2010-09-22 22:32 93552 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\WLXImageTranscode.dll + 2010-09-22 22:32 . 2010-09-22 22:32 56176 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\WindowsLivePhotoViewer.exe + 2010-09-22 22:37 . 
2010-09-22 22:37 12144 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\Microsoft.WindowsLive.SubscribePlugins.dll + 2010-09-22 22:37 . 2010-09-22 22:37 11632 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\Microsoft.WindowsLive.PublishPlugins.dll + 1999-11-25 01:40 . 1999-11-25 01:40 40960 c:\windows\Installer\$PatchCache$\Managed\3140820900063D11C8EF00054038389C\10.0.2627\VBAME.DLL + 2001-02-13 08:23 . 2001-02-13 08:23 58784 c:\windows\Installer\$PatchCache$\Managed\3140820900063D11C8EF00054038389C\10.0.2627\MSOSV.DLL + 2000-10-24 00:18 . 2000-10-24 00:18 34200 c:\windows\Installer\$PatchCache$\Managed\3140820900063D11C8EF00054038389C\10.0.2627\MSOEURO.DLL + 1998-08-09 18:07 . 1998-08-09 18:07 86016 c:\windows\Installer\$PatchCache$\Managed\3140820900063D11C8EF00054038389C\10.0.2627\MSADDNDR.DLL + 2001-01-11 09:05 . 2001-01-11 09:05 12288 c:\windows\Installer\$PatchCache$\Managed\3140820900063D11C8EF00054038389C\10.0.2627\CAGCAT10.DLL + 1999-11-25 01:40 . 1999-11-25 01:40 40960 c:\windows\Installer\$PatchCache$\Managed\1EEE545563AF67F46BEB65697E4F2E6D\6.3.0\VBAME.DLL + 2012-06-21 16:30 . 2012-06-21 16:30 84992 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\fd9c821b726c8b9a74d9b0706ec13b59\Microsoft.SqlServer.SqlCEDest.ni.dll + 2010-02-15 20:10 . 2012-07-23 10:59 2074 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2012-06-09 17:45 . 2012-06-12 14:18 9560 c:\windows\system32\NetworkList\Icons\{1A928F45-0A8A-4149-AAC7-0E5C445355A9}_48.bin + 2012-06-09 17:45 . 2012-06-12 14:18 4280 c:\windows\system32\NetworkList\Icons\{1A928F45-0A8A-4149-AAC7-0E5C445355A9}_32.bin + 2012-06-09 17:45 . 2012-06-12 14:18 2456 c:\windows\system32\NetworkList\Icons\{1A928F45-0A8A-4149-AAC7-0E5C445355A9}_24.bin + 2012-07-29 12:57 . 2012-07-29 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-05 15:28 . 
2012-03-05 15:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-05 15:28 . 2012-03-05 15:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-07-29 12:57 . 2012-07-29 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-09-22 22:17 . 2010-09-22 22:17 9576 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsettingslang.dll + 2010-09-22 22:17 . 2010-09-22 22:17 9064 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\LangSelectorLang.dll + 2012-07-26 20:32 . 2012-07-26 20:32 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe + 2012-04-08 06:29 . 2012-07-26 20:32 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe + 2011-03-28 18:31 . 2011-03-28 18:31 209280 c:\windows\SysWOW64\LIVESSP.DLL + 2010-07-11 13:47 . 2010-07-11 13:47 453456 c:\windows\SysWOW64\d3dx10_41.dll - 2010-02-14 23:05 . 2012-03-03 18:49 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2010-02-14 23:05 . 2012-04-02 18:34 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2010-02-15 18:32 . 2012-06-27 19:09 383158 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin + 2012-06-21 15:58 . 2009-07-14 01:30 762368 c:\windows\system32\spool\drivers\x64\unires.dll + 2012-06-21 15:58 . 2009-07-14 01:41 884224 c:\windows\system32\spool\drivers\x64\unidrvui.dll + 2012-06-21 15:58 . 2009-07-14 01:41 479232 c:\windows\system32\spool\drivers\x64\unidrv.dll + 2012-06-21 15:58 . 2010-03-29 18:30 114568 c:\windows\system32\spool\drivers\x64\SendToOneNoteFilter.dll + 2012-06-21 15:58 . 2009-07-14 01:41 715264 c:\windows\system32\spool\drivers\x64\mxdwdrv.dll - 2010-02-15 11:29 . 2012-03-02 22:34 806114 c:\windows\system32\perfh013.dat + 2010-02-15 11:29 . 
2012-07-27 11:28 806114 c:\windows\system32\perfh013.dat - 2009-07-14 02:36 . 2012-03-02 22:34 717162 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-07-27 11:28 717162 c:\windows\system32\perfh009.dat - 2010-02-15 11:29 . 2012-03-02 22:34 176032 c:\windows\system32\perfc013.dat + 2010-02-15 11:29 . 2012-07-27 11:28 176032 c:\windows\system32\perfc013.dat - 2009-07-14 02:36 . 2012-03-02 22:34 145184 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2012-07-27 11:28 145184 c:\windows\system32\perfc009.dat + 2012-07-26 20:32 . 2012-07-26 20:32 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_Plugin.exe + 2011-03-28 19:11 . 2011-03-28 19:11 252800 c:\windows\system32\LIVESSP.DLL + 2009-07-14 04:45 . 2012-07-27 14:57 536888 c:\windows\system32\FNTCACHE.DAT + 2009-07-14 05:30 . 2012-07-20 20:59 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-12-23 17:16 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-12-23 17:16 143360 c:\windows\system32\DriverStore\infstor.dat + 2009-07-14 05:30 . 2012-07-20 20:58 143360 c:\windows\system32\DriverStore\infstor.dat + 2011-05-13 01:21 . 2011-05-13 01:21 146920 c:\windows\system32\DriverStore\FileRepository\ssadsdm2.inf_amd64_neutral_9bb4b9312ba5263c\amd64\ssadserd.sys + 2011-05-13 01:21 . 2011-05-13 01:21 177640 c:\windows\system32\DriverStore\FileRepository\ssadmdm2.inf_amd64_neutral_3dfc8f4f4d2c1b34\amd64\ssadmdm.sys + 2011-05-13 01:21 . 2011-05-13 01:21 157672 c:\windows\system32\DriverStore\FileRepository\ssadbus.inf_amd64_neutral_d0d780fe82c4e8c4\amd64\ssadbus.sys + 2011-05-13 01:21 . 2011-05-13 01:21 146920 c:\windows\system32\drivers\ssadserd.sys + 2011-05-13 01:21 . 2011-05-13 01:21 177640 c:\windows\system32\drivers\ssadmdm.sys + 2011-05-13 01:21 . 2011-05-13 01:21 157672 c:\windows\system32\drivers\ssadbus.sys + 2012-03-19 03:17 . 2012-03-19 03:17 383808 c:\windows\system32\drivers\avgtdia.sys + 2012-02-22 03:25 . 
2012-02-22 03:25 289872 c:\windows\system32\drivers\avgldx64.sys + 2011-12-23 11:31 . 2011-12-23 11:31 124496 c:\windows\system32\drivers\avgidsdrivera.sys + 2009-07-14 05:01 . 2012-07-29 12:56 486376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-07-19 20:29 . 2012-07-19 20:29 513024 c:\windows\Installer\5a7998.msp + 2012-07-19 20:29 . 2012-07-19 20:29 665088 c:\windows\Installer\5a798f.msp + 2012-07-19 20:28 . 2012-07-19 20:28 468992 c:\windows\Installer\5a7975.msp + 2012-07-19 20:22 . 2012-07-19 20:22 630272 c:\windows\Installer\5a7967.msp + 2012-07-19 20:26 . 2012-07-19 20:26 715264 c:\windows\Installer\5a77fd.msp + 2012-07-19 20:23 . 2012-07-19 20:23 136704 c:\windows\Installer\5a77d0.msp + 2012-07-19 20:23 . 2012-07-19 20:23 429056 c:\windows\Installer\5a77cb.msi + 2012-07-19 20:22 . 2012-07-19 20:22 147968 c:\windows\Installer\5a77c7.msi + 2010-09-22 22:17 . 2010-09-22 22:17 827240 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlupdate.dll + 2010-09-22 22:17 . 2010-09-22 22:17 618856 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlstartup.exe + 2010-09-22 22:17 . 2010-09-22 22:17 138600 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsres.dll + 2010-09-22 22:17 . 2010-09-22 22:17 552296 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlshim.dll + 2010-09-22 22:17 . 2010-09-22 22:17 265576 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsettingsres.dll + 2010-09-22 22:17 . 2010-09-22 22:17 493928 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsettings.exe + 2010-09-22 22:17 . 2010-09-22 22:17 166248 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlbici.dll + 2010-09-22 22:17 . 
-- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 250056] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 16776] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 9096] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-22 1030600] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-29 113120] R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x64.sys [2009-06-26 32768] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280] R3 ssadbus;SAMSUNG Android USB Composite Device driver 
(WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] R3 V0330VID;WebCam Vista/Live! Cam Chat VF0330;c:\windows\system32\DRIVERS\V0330Vid.sys [2009-07-03 193408] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] R4 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 136176] R4 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 136176] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744] R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 313696] R4 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 428384] R4 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] 
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-07-08 239648] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488] . . Inhoud van de 'Gedeelde Taken' map . 2012-07-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:32] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 08:01] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-01 08:01] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434075484-1833317394-3949034151-1001Core.job - c:\users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 20:13] . 2012-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1434075484-1833317394-3949034151-1001UA.job - c:\users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-13 20:13] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240] . ------- Bijkomende Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = localhost uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.4 195.130.130.132 FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\bmgfrksz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.gva.be/ontspanning/wedstrijden/ FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&a=6R8pjRdy0d&&i=26&search= FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8pjRdy0d&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 40a9b75e0000000000000625d388a655 FF - user.js: extensions.incredibar_i.instlDay - 15438 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:38 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8pjRdy0d FF - user.js: extensions.incredibar_i.upn2n - 92824155989218653 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: 
extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10650 FF - user.js: extensions.incredibar_i.ppd - 20%5F4 FF - user.js: extentions.y2layers.installId - 23142d04-67bd-49cb-8bd8-22dcde75501b FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube FF - user.js: extensions.autoDisableScopes - 14 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe . ************************************************************************** . Voltooingstijd: 2012-07-29 15:07:15 - machine werd herstart ComboFix-quarantined-files.txt 2012-07-29 13:07 ComboFix2.txt 2012-03-17 11:32 ComboFix3.txt 2012-03-05 15:39 ComboFix4.txt 2011-04-18 19:49 ComboFix5.txt 2012-07-29 12:37 . Pre-Run: 97.443.344.384 bytes free Post-Run: 96.989.306.880 bytes beschikbaar . - - End Of File - - 3FDD6D1DD084D4A6E1C217AEB068A465
  16. Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.07.27.05 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Danny :: DANNY-PC [administrator] 29/07/2012 12:47:52 mbam-log-2012-07-29 (12-47-52).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 204773 Verstreken tijd: 5 minuut/minuten, 57 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:56:10, on 29/07/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment 
| MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O18 - Protocol: linkscanner - 
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - 
Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7105 bytes
  17. As administrator Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:10:18, on 28/07/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files 
(x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - 
C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
-- End of file - 7499 bytes
  18. Hi, I have slow internet; it starts up slowly, switching from one site to another is slow... Speed test from Telenet: OK. Ran Malwarebytes: OK, nothing found. Any critters? Regards, Jonati
  19. Just moved this to sales advice!!!
  20. Hi, I'm torn between the iPad 3, the Samsung Galaxy Tab 10.1 P7510, and the Acer Iconia A200 Wi-Fi tablet - 16GB (or is there something even better?) I don't own anything from Apple myself! Where is the best place to buy such things? (Is there anything cheaper; Apple iPad 3 WiFi / 16 GB) Regards, Jonati
  21. Hi, I'm torn between the iPad 3, the Samsung Galaxy Tab 10.1 P7510, and the Acer Iconia A200 Wi-Fi tablet - 16GB. I don't own anything from Apple myself! Where is the best place to buy such things? (Is there anything cheaper; Apple iPad 3 WiFi / 16 GB) Regards, Jonati
  22. That's already a lot better, thanks!