romijo
-
Items
584 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door romijo
-
Beste kweezie Wabbit, van alles geprobeerd maar lukt me niet om te plakken in het CFScript. op bureaublad De handleiding van jullie gevolgd maar lukt bij alle mappen niet die je in voorgaand bericht hebt geplaatst. gr. -
YTD toolbar verwijderd mappen eset verwijderd Eset verwijderd en opnieuw geinstaleerd ccleaner schoongemaakt ccleaner register fouten hersteld herhaald tot er niets meer stond nu een log van Combofix: ComboFix 12-12-07.01 - MIEKE 10-12-2012 14:24:52.5.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4087.2266 [GMT 1:00] Gestart vanuit: c:\users\MIEKE\Desktop\ComboFix.exe AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET Persoonlijke firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-10 to 2012-12-10 )))))))))))))))))))))))))))))) . . 2012-12-10 13:36 . 2012-12-10 13:36 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-12-10 13:36 . 2012-12-10 13:36 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-09 22:35 . 2012-12-09 22:35 -------- d-----w- c:\windows\SysWow64\searchplugins 2012-12-09 22:35 . 2012-12-09 22:35 -------- d-----w- c:\windows\SysWow64\Extensions 2012-12-09 22:35 . 2012-12-09 22:35 -------- d-----w- c:\programdata\Browser Manager 2012-12-09 22:35 . 2012-12-09 22:35 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Babylon 2012-12-09 22:35 . 2012-12-09 22:35 -------- d-----w- c:\programdata\Babylon 2012-12-08 21:59 . 2012-12-08 23:58 -------- d-----w- c:\program files (x86)\Master LaserLabels 2012-12-03 20:45 . 2012-12-03 21:03 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Belastingdienst 2012-12-02 21:18 . 2012-12-02 21:18 -------- d-----w- c:\program files\Common Files\Adobe 2012-12-02 21:15 . 2010-03-19 02:00 55856 ------w- c:\windows\system32\drivers\PxHlpa64.sys 2012-12-02 21:15 . 2012-12-02 21:15 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2012-12-02 21:15 . 2012-12-02 21:15 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared 2012-12-02 21:02 . 2012-12-02 21:02 -------- d-----w- c:\users\MIEKE\AppData\Roaming\No Company Name 2012-12-01 22:47 . 2011-01-25 11:44 97280 ----a-w- c:\users\MIEKE\AppData\Local\UrlManager.exe 2012-12-01 10:16 . 2012-12-01 10:16 -------- d-----w- c:\program files\Speccy 2012-11-30 10:03 . 2012-11-30 10:03 161905 ----a-w- c:\windows\Animated Screensaver Maker Uninstaller.exe 2012-11-30 10:03 . 2012-11-30 10:03 -------- d-----w- c:\program files (x86)\Animated Screensaver Maker 2012-11-30 08:21 . 2012-11-30 08:21 81312 ----a-w- c:\windows\system32\drivers\wachidrouter.sys 2012-11-30 08:21 . 2012-11-30 08:21 13728 ----a-w- c:\windows\system32\drivers\hidkmdf.sys 2012-11-28 12:03 . 2012-11-28 12:03 -------- d-----w- c:\users\MIEKE\Nieuwe map 2012-11-28 10:42 . 2012-11-28 10:42 -------- d-----w- c:\users\MIEKE\AppData\Local\Spotnet 2012-11-28 10:41 . 2012-12-02 20:36 -------- d-----w- c:\programdata\Spotnet 2012-11-28 10:41 . 2012-11-28 10:41 -------- d-----w- c:\program files (x86)\Spotnet 2012-11-24 16:37 . 2012-11-24 17:04 -------- d-----w- c:\program files (x86)\Burrrn 2012-11-21 22:43 . 2012-11-21 23:05 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Light Developer 2012-11-21 22:41 . 2012-12-02 10:45 -------- d-----w- c:\program files\Light Developer 2012-11-21 22:10 . 2012-11-21 22:30 -------- d-----w- c:\users\MIEKE\AppData\Roaming\onOne Software 2012-11-21 22:08 . 2012-11-21 22:08 -------- d-----w- c:\program files\onOne Software 2012-11-21 22:08 . 2012-11-21 22:08 -------- d-----w- c:\program files (x86)\onOne Software 2012-11-21 22:08 . 2012-10-26 13:19 66560 ----a-w- c:\windows\SysWow64\nlssrv32.exe 2012-11-21 22:08 . 2012-11-21 22:09 -------- d-----w- c:\programdata\onOne Software 2012-11-21 22:08 . 2012-10-26 13:19 66560 ----a-w- c:\windows\system32\nlssrv32.exe 2012-11-19 16:18 . 2012-11-19 16:18 -------- d-----w- c:\users\UpdatusUser 2012-11-19 16:10 . 2012-10-08 11:23 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-11-19 16:08 . 2012-10-17 01:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFFC50E9-A7A2-4580-9601-C94B2C6D5CB5}\mpengine.dll 2012-11-19 16:08 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-19 16:08 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-19 16:08 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-11-17 15:35 . 2012-11-18 17:30 -------- d-----w- c:\users\MIEKE\.calme 2012-11-17 14:21 . 2012-11-17 14:21 -------- d-----w- c:\users\MIEKE\AppData\Local\Avanquest North America 2012-11-15 23:08 . 2012-11-15 23:08 120920 ----a-w- c:\windows\system32\drivers\jraid.sys 2012-11-15 23:07 . 2012-11-15 23:07 35328 ----a-w- c:\windows\system32\drivers\pmserenum.sys 2012-11-15 22:55 . 2012-11-15 22:55 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys 2012-11-15 22:55 . 2012-11-15 22:55 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2012-11-15 22:55 . 2012-11-15 22:55 9888360 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2012-11-15 22:55 . 2012-11-15 22:55 422504 ----a-w- c:\windows\system32\RtsUStor.dll 2012-11-15 22:55 . 2012-11-15 22:55 250984 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2012-11-15 22:49 . 2012-11-15 22:49 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys 2012-11-14 23:50 . 2012-11-14 23:50 -------- d-----w- c:\programdata\Uniblue . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-19 16:09 . 2011-05-09 19:07 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-11-10 15:37 . 2010-12-30 22:27 31301632 ----a-w- c:\windows\SysWow64\common_res.dll 2012-11-07 20:58 . 2012-03-30 11:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-07 20:58 . 2011-06-09 07:08 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-10 20:23 . 2010-03-16 04:19 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-10 20:22 . 2012-10-10 20:22 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-02 19:51 . 2010-07-09 14:27 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2010-07-09 14:27 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2010-07-09 14:27 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2010-07-09 14:27 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:50 . 2010-02-17 08:47 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2010-02-17 08:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-29 18:54 . 2012-04-10 19:13 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-24 21:16 . 2012-10-21 11:38 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-14 19:19 . 2012-11-04 00:04 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-11-04 00:04 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-12 16:21 . 2012-08-01 13:52 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2012-09-12 16:21 . 2012-08-01 13:52 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2012-09-12 16:21 . 2012-08-01 13:52 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2012-09-12 16:21 . 2012-08-01 13:52 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2011-12-08 06:06 . 2012-01-12 15:43 1261568 ----a-w- c:\program files (x86)\ess.msi 2011-12-08 06:01 . 2012-01-12 15:26 1245184 ----a-w- c:\program files (x86)\eav.msi 2011-10-10 11:55 . 2011-10-11 21:52 2254848 ----a-w- c:\program files (x86)\sp_setup.msi 2011-09-22 11:12 . 2012-01-12 15:26 375056 ----a-w- c:\program files (x86)\updater.dll 2011-09-22 11:11 . 2012-01-12 15:26 561480 ----a-w- c:\program files (x86)\eguiUpdate.dll 2011-09-22 11:11 . 2012-01-12 15:26 1694992 ----a-w- c:\program files (x86)\SysRescue.exe 2011-09-22 11:10 . 2012-01-12 15:26 1877272 ----a-w- c:\program files (x86)\SysInspector.exe 2011-09-22 11:10 . 2012-01-12 15:26 196848 ----a-w- c:\program files (x86)\shellExt.dll 2011-09-22 11:09 . 2012-01-12 15:26 380200 ----a-w- c:\program files (x86)\eplgOutlook.dll 2011-09-22 11:09 . 2012-01-12 15:26 403384 ----a-w- c:\program files (x86)\eplgOE.dll 2011-09-22 11:09 . 2012-01-12 15:26 11976 ----a-w- c:\program files (x86)\eplgHooks.dll 2011-09-22 11:09 . 2012-01-12 15:26 107768 ----a-w- c:\program files (x86)\eguiMailPlugins.dll 2011-09-22 11:07 . 2012-01-12 15:26 136120 ----a-w- c:\program files (x86)\http_dll.dll 2011-09-22 11:07 . 2012-01-12 15:26 36192 ----a-w- c:\program files (x86)\EHttpSrv.exe 2011-09-22 11:07 . 2012-01-12 15:26 246288 ----a-w- c:\program files (x86)\eguiHips.dll 2011-09-22 11:06 . 2012-01-12 15:43 500168 ----a-w- c:\program files (x86)\eplgOutlookSmon.dll 2011-09-22 11:06 . 2012-01-12 15:43 442512 ----a-w- c:\program files (x86)\eplgOESmon.dll 2011-09-22 11:06 . 2012-01-12 15:43 224152 ----a-w- c:\program files (x86)\eguiSmon.dll 2011-09-22 11:05 . 2012-01-12 15:26 556848 ----a-w- c:\program files (x86)\eguiScan.dll 2011-09-22 11:04 . 2012-01-12 15:26 1648672 ----a-w- c:\program files (x86)\eguiEpfw.dll 2011-09-22 11:04 . 2012-01-12 15:43 744856 ----a-w- c:\program files (x86)\eguiParental.dll 2011-09-22 11:03 . 2012-01-12 15:26 25904 ----a-w- c:\program files (x86)\eh64.exe 2011-09-22 11:03 . 2012-01-12 15:26 4035152 ----a-w- c:\program files (x86)\egui.exe 2011-09-22 11:03 . 2012-01-12 15:26 909024 ----a-w- c:\program files (x86)\eguiProductRcd.dll 2011-09-22 11:02 . 2012-01-12 15:26 896664 ----a-w- c:\program files (x86)\eguiProduct.dll 2011-09-22 11:02 . 2012-01-12 15:26 254016 ----a-w- c:\program files (x86)\eplgOEEmon.dll 2011-09-22 11:02 . 2012-01-12 15:26 234952 ----a-w- c:\program files (x86)\eplgOutlookEmon.dll 2011-09-22 11:02 . 2012-01-12 15:26 120128 ----a-w- c:\program files (x86)\eguiEmon.dll 2011-09-22 11:01 . 2012-01-12 15:26 43408 ----a-w- c:\program files (x86)\eeclnt.exe 2011-09-22 11:01 . 2012-01-12 15:26 115008 ----a-w- c:\program files (x86)\eguiDmon.dll 2011-09-22 11:01 . 2012-01-12 15:26 167472 ----a-w- c:\program files (x86)\DMON.dll 2011-09-22 11:01 . 2012-01-12 15:26 46480 ----a-w- c:\program files (x86)\ecmd.exe 2011-09-22 11:01 . 2012-01-12 15:26 278664 ----a-w- c:\program files (x86)\ecls.exe 2011-09-22 11:00 . 2012-01-12 15:26 346728 ----a-w- c:\program files (x86)\eguiAmon.dll 2011-09-22 11:00 . 2012-01-12 15:26 70176 ----a-w- c:\program files (x86)\callmsi.exe 2011-09-21 19:33 . 2012-01-12 15:43 369708 ----a-w- c:\program files (x86)\SS64NL.exe 2011-09-21 18:09 . 2012-01-12 15:13 369686 ----a-w- c:\program files (x86)\EAV64NL.exe 2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\ekrnParentalLang.dll 2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\eguiParentalLang.dll 2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnHipsLang.dll 2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiHipsLang.dll 2009-08-11 12:37 . 2012-01-12 15:26 1655296 ----a-w- c:\program files (x86)\mfc80u.dll 2009-08-11 12:37 . 2012-01-12 15:26 802640 ----a-w- c:\program files (x86)\msvcr80.dll 2009-08-11 12:37 . 2012-01-12 15:26 1068368 ----a-w- c:\program files (x86)\msvcp80.dll 2008-09-12 13:42 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysRescueLang.dll 2008-07-14 08:10 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgTbSmonLang.dll 2008-07-14 08:10 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgTbLang.dll 2008-05-19 13:47 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysInspectorLang.dll 2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnDmonLang.dll 2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiDmonLang.dll 2007-09-12 08:45 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eclsLang.dll 2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnMailPluginsLang.dll 2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiMailPluginsLang.dll 2007-07-12 14:12 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOESmonLang.dll 2007-07-12 14:12 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgOELang.dll 2007-05-29 14:04 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ShellExtLang.dll 2007-05-10 15:22 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOutlookSmonLang.dll 2007-05-10 07:59 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnScanLang.dll 2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiLang.dll 2007-04-25 13:09 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\ekrnSmonLang.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ContactKeeper Birthday reminder"="c:\program files (x86)\ContactKeeper\ContactKeeper.exe" [2011-11-11 921600] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe" [2008-09-10 90112] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368] "PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984] "PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992] "PDFHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192] "PDF5 Registry Controller"="c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752] "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-9-22 110592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\progra~3\BROWSE~1\25976~1.107\{C16C1~1\mngr.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] R3 Droppix Service;Droppix Service;c:\program files (x86)\Common Files\Droppix\DxService.exe [2009-08-28 221184] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848] R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416] R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096] R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-06-12 40144] R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-06-12 41680] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328] R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech Webcam 300(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1255736] R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496] S0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-11-15 19264] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528] S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S2 {6E090BD5-4EF5-4bf0-A968-74049E88E935};Power Control [2011/05/09 19:58];c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [2010-01-25 10:32 146928] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/05/10 00:09];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2009-09-01 14:59 146928] S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176] S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-10-26 37280] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-05 2403352] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2011-12-02 8704] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-10 13336] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2012-10-26 66560] S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672] S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2008-05-01 4510504] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-24 29288] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960] S3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768] S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [2008-09-23 34840] S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-11-30 13728] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-05-09 82816] S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-11-15 18832] S3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [2012-11-15 35328] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-11-15 250984] S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-11-30 81312] S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2008-03-17 17192] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:58] . 2012-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56] . 2012-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-11-15 12503184] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Openen in PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm TCP: DhcpNameServer = 88.159.1.200 88.159.1.201 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) WebBrowser-{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2} - (no file) ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file) ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file) ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file) ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe . . "ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.] . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{6E090BD5-4EF5-4bf0-A968-74049E88E935}] "ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FotoManager.8.alb" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.eps" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.gif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.iff" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.pcd" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.png" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tga" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tiff" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥|uE¥|u¾ZîkhŽ™ˆÈ–2*½2*x’2*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥|uE¥|u¾ZîkhŽ™ˆÈ–2*½2*x’2*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ vE¥ v¾Zõ`Ž¯B<˜&*<»&*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ vE¥ v¾Zõ`Ž¯B<˜&*<»&*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥€vE¥€v¾Z^Âtx¸l”(*l·(*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥€vE¥€v¾Z^Âtx¸l”(*l·(*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ÒvE¥Òv¾ZÊ`Ef]¨–*ô¼*X’*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ÒvE¥Òv¾ZÊ`Ef]¨–*ô¼*X’*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥uE¥u¾Z0a„Nîü—D*üºD*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥uE¥u¾Z0a„Nîü—D*üºD*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥?uE¥?u¾ZadÉË%5H–(*”¼(*ø‘(*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥?uE¥?u¾ZadÉË%5H–(*”¼(*ø‘(*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥NuE¥Nu¾Zóc‹ßÒ(”=*tº=*Ø=*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥NuE¥Nu¾Zóc‹ßÒ(”=*tº=*Ø=*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥§uE¥§u¾Zggž(—@*t½@*Ø’@*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥§uE¥§u¾Zggž(—@*t½@*Ø’@*\OpenWithList] @Class="Shell" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-10 14:50:44 ComboFix-quarantined-files.txt 2012-12-10 13:50 ComboFix2.txt 2012-12-07 21:39 ComboFix3.txt 2012-12-01 20:44 . Pre-Run: 470.903.377.920 bytes beschikbaar Post-Run: 470.717.886.464 bytes beschikbaar . - - End Of File - - 72F08B45705888985D37C7EFB342D2B4 "er is al een item met dezelfde sleutel ingevoerd " komt met start/herstart altijd in beeld dan klik ik het weg en verder niets. vr.gr.
-
Inmiddels wat later en bezig geweest op de pc, bij het starten zie ik telkens de melding: Er is al een item met dezelfde sleutel toegevoegd. dan klik ik op ja en het verdwijnt. Ik kom tot de conclusie dat mijn pc nog steeds raar doet want als ik naar programma's en onderdelen ga, dat accepteert de pc niet en sluit zich af om vervolgens zich weer te herstarten. op internet nu nog geen verslag want dat kan op zo'n korte tijd niet moet echt enkele dagen testen. vr. gr.
-
COMBOFIX: ComboFix 12-12-01.02 - MIEKE 07-12-2012 22:10:48.4.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4087.2622 [GMT 1:00] Gestart vanuit: c:\users\MIEKE\Desktop\ComboFix.exe AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET Persoonlijke firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\MIEKE\AppData\Roaming\Microsoft\~DFK2bbf093.tmp c:\users\MIEKE\AppData\Roaming\Microsoft\1eaadjc.dll c:\users\MIEKE\AppData\Roaming\Microsoft\bass.dll c:\users\MIEKE\AppData\Roaming\Microsoft\engine_vx.dll c:\users\MIEKE\AppData\Roaming\Microsoft\kfgresk.dll c:\users\MIEKE\AppData\Roaming\Microsoft\peaadje.dll c:\users\MIEKE\AppData\Roaming\Microsoft\qwadjb.dll c:\users\MIEKE\AppData\Roaming\Microsoft\rsaadjd.dll c:\users\MIEKE\AppData\Roaming\vso_ts_preview.xml . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-07 to 2012-12-07 )))))))))))))))))))))))))))))) . . 2012-12-07 21:24 . 2012-12-07 21:24 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-12-07 21:24 . 2012-12-07 21:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-05 21:21 . 2012-12-05 21:21 -------- d-----w- c:\program files (x86)\YTD Toolbar 2012-12-03 20:45 . 2012-12-03 21:03 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Belastingdienst 2012-12-02 21:18 . 2012-12-02 21:18 -------- d-----w- c:\program files\Common Files\Adobe 2012-12-02 21:15 . 2010-03-19 02:00 55856 ------w- c:\windows\system32\drivers\PxHlpa64.sys 2012-12-02 21:15 . 2012-12-02 21:15 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2012-12-02 21:15 . 2012-12-02 21:15 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared 2012-12-02 21:02 . 2012-12-02 21:02 -------- d-----w- c:\users\MIEKE\AppData\Roaming\No Company Name 2012-12-01 22:47 . 2011-01-25 11:44 97280 ----a-w- c:\users\MIEKE\AppData\Local\UrlManager.exe 2012-12-01 10:16 . 2012-12-01 10:16 -------- d-----w- c:\program files\Speccy 2012-11-30 10:03 . 2012-11-30 10:03 161905 ----a-w- c:\windows\Animated Screensaver Maker Uninstaller.exe 2012-11-30 10:03 . 2012-11-30 10:03 -------- d-----w- c:\program files (x86)\Animated Screensaver Maker 2012-11-30 08:21 . 2012-11-30 08:21 81312 ----a-w- c:\windows\system32\drivers\wachidrouter.sys 2012-11-30 08:21 . 2012-11-30 08:21 13728 ----a-w- c:\windows\system32\drivers\hidkmdf.sys 2012-11-28 12:03 . 2012-11-28 12:03 -------- d-----w- c:\users\MIEKE\Nieuwe map 2012-11-28 10:42 . 2012-11-28 10:42 -------- d-----w- c:\users\MIEKE\AppData\Local\Spotnet 2012-11-28 10:41 . 2012-12-02 20:36 -------- d-----w- c:\programdata\Spotnet 2012-11-28 10:41 . 2012-11-28 10:41 -------- d-----w- c:\program files (x86)\Spotnet 2012-11-24 16:37 . 2012-11-24 17:04 -------- d-----w- c:\program files (x86)\Burrrn 2012-11-21 22:43 . 2012-11-21 23:05 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Light Developer 2012-11-21 22:41 . 2012-12-02 10:45 -------- d-----w- c:\program files\Light Developer 2012-11-21 22:10 . 2012-11-21 22:30 -------- d-----w- c:\users\MIEKE\AppData\Roaming\onOne Software 2012-11-21 22:08 . 2012-11-21 22:08 -------- d-----w- c:\program files\onOne Software 2012-11-21 22:08 . 2012-11-21 22:08 -------- d-----w- c:\program files (x86)\onOne Software 2012-11-21 22:08 . 2012-10-26 13:19 66560 ----a-w- c:\windows\SysWow64\nlssrv32.exe 2012-11-21 22:08 . 2012-11-21 22:09 -------- d-----w- c:\programdata\onOne Software 2012-11-21 22:08 . 2012-10-26 13:19 66560 ----a-w- c:\windows\system32\nlssrv32.exe 2012-11-19 16:18 . 2012-11-19 16:18 -------- d-----w- c:\users\UpdatusUser 2012-11-19 16:10 . 2012-10-08 11:23 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-11-19 16:08 . 2012-10-17 01:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFFC50E9-A7A2-4580-9601-C94B2C6D5CB5}\mpengine.dll 2012-11-19 16:08 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-19 16:08 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-19 16:08 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-11-17 15:35 . 2012-11-18 17:30 -------- d-----w- c:\users\MIEKE\.calme 2012-11-17 14:21 . 2012-11-17 14:21 -------- d-----w- c:\users\MIEKE\AppData\Local\Avanquest North America 2012-11-15 23:08 . 2012-11-15 23:08 120920 ----a-w- c:\windows\system32\drivers\jraid.sys 2012-11-15 23:07 . 2012-11-15 23:07 35328 ----a-w- c:\windows\system32\drivers\pmserenum.sys 2012-11-15 22:55 . 2012-11-15 22:55 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys 2012-11-15 22:55 . 2012-11-15 22:55 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2012-11-15 22:55 . 2012-11-15 22:55 9888360 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2012-11-15 22:55 . 2012-11-15 22:55 422504 ----a-w- c:\windows\system32\RtsUStor.dll 2012-11-15 22:55 . 2012-11-15 22:55 250984 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2012-11-15 22:49 . 2012-11-15 22:49 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys 2012-11-14 23:50 . 2012-11-14 23:50 -------- d-----w- c:\programdata\Uniblue 2012-11-08 13:19 . 2012-11-08 13:19 -------- d-----w- c:\users\MIEKE\AppData\Roaming\mojosoft 2012-11-08 13:19 . 2012-11-08 13:19 -------- d-----w- c:\program files (x86)\mojosoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-19 16:09 . 2011-05-09 19:07 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-11-10 15:37 . 2010-12-30 22:27 31301632 ----a-w- c:\windows\SysWow64\common_res.dll 2012-11-07 20:58 . 2012-03-30 11:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-07 20:58 . 2011-06-09 07:08 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-10 20:23 . 2010-03-16 04:19 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-10 20:22 . 2012-10-10 20:22 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-02 19:51 . 2010-07-09 14:27 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2010-07-09 14:27 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2010-07-09 14:27 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2010-07-09 14:27 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:50 . 2010-02-17 08:47 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2010-02-17 08:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-29 18:54 . 2012-04-10 19:13 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-24 21:16 . 2012-10-21 11:38 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-14 19:19 . 2012-11-04 00:04 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-11-04 00:04 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-12 16:21 . 2012-08-01 13:52 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2012-09-12 16:21 . 2012-08-01 13:52 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2012-09-12 16:21 . 2012-08-01 13:52 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2012-09-12 16:21 . 2012-08-01 13:52 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2011-12-08 06:06 . 2012-01-12 15:43 1261568 ----a-w- c:\program files (x86)\ess.msi 2011-12-08 06:01 . 2012-01-12 15:26 1245184 ----a-w- c:\program files (x86)\eav.msi 2011-10-10 11:55 . 2011-10-11 21:52 2254848 ----a-w- c:\program files (x86)\sp_setup.msi 2011-09-22 11:12 . 2012-01-12 15:26 375056 ----a-w- c:\program files (x86)\updater.dll 2011-09-22 11:11 . 2012-01-12 15:26 561480 ----a-w- c:\program files (x86)\eguiUpdate.dll 2011-09-22 11:11 . 2012-01-12 15:26 1694992 ----a-w- c:\program files (x86)\SysRescue.exe 2011-09-22 11:10 . 2012-01-12 15:26 1877272 ----a-w- c:\program files (x86)\SysInspector.exe 2011-09-22 11:10 . 2012-01-12 15:26 196848 ----a-w- c:\program files (x86)\shellExt.dll 2011-09-22 11:09 . 2012-01-12 15:26 380200 ----a-w- c:\program files (x86)\eplgOutlook.dll 2011-09-22 11:09 . 2012-01-12 15:26 403384 ----a-w- c:\program files (x86)\eplgOE.dll 2011-09-22 11:09 . 2012-01-12 15:26 11976 ----a-w- c:\program files (x86)\eplgHooks.dll 2011-09-22 11:09 . 2012-01-12 15:26 107768 ----a-w- c:\program files (x86)\eguiMailPlugins.dll 2011-09-22 11:07 . 2012-01-12 15:26 136120 ----a-w- c:\program files (x86)\http_dll.dll 2011-09-22 11:07 . 2012-01-12 15:26 36192 ----a-w- c:\program files (x86)\EHttpSrv.exe 2011-09-22 11:07 . 2012-01-12 15:26 246288 ----a-w- c:\program files (x86)\eguiHips.dll 2011-09-22 11:06 . 2012-01-12 15:43 500168 ----a-w- c:\program files (x86)\eplgOutlookSmon.dll 2011-09-22 11:06 . 2012-01-12 15:43 442512 ----a-w- c:\program files (x86)\eplgOESmon.dll 2011-09-22 11:06 . 2012-01-12 15:43 224152 ----a-w- c:\program files (x86)\eguiSmon.dll 2011-09-22 11:05 . 2012-01-12 15:26 556848 ----a-w- c:\program files (x86)\eguiScan.dll 2011-09-22 11:04 . 2012-01-12 15:26 1648672 ----a-w- c:\program files (x86)\eguiEpfw.dll 2011-09-22 11:04 . 2012-01-12 15:43 744856 ----a-w- c:\program files (x86)\eguiParental.dll 2011-09-22 11:03 . 2012-01-12 15:26 25904 ----a-w- c:\program files (x86)\eh64.exe 2011-09-22 11:03 . 2012-01-12 15:26 4035152 ----a-w- c:\program files (x86)\egui.exe 2011-09-22 11:03 . 2012-01-12 15:26 909024 ----a-w- c:\program files (x86)\eguiProductRcd.dll 2011-09-22 11:02 . 2012-01-12 15:26 896664 ----a-w- c:\program files (x86)\eguiProduct.dll 2011-09-22 11:02 . 2012-01-12 15:26 254016 ----a-w- c:\program files (x86)\eplgOEEmon.dll 2011-09-22 11:02 . 2012-01-12 15:26 234952 ----a-w- c:\program files (x86)\eplgOutlookEmon.dll 2011-09-22 11:02 . 2012-01-12 15:26 120128 ----a-w- c:\program files (x86)\eguiEmon.dll 2011-09-22 11:01 . 2012-01-12 15:26 43408 ----a-w- c:\program files (x86)\eeclnt.exe 2011-09-22 11:01 . 2012-01-12 15:26 115008 ----a-w- c:\program files (x86)\eguiDmon.dll 2011-09-22 11:01 . 2012-01-12 15:26 167472 ----a-w- c:\program files (x86)\DMON.dll 2011-09-22 11:01 . 2012-01-12 15:26 46480 ----a-w- c:\program files (x86)\ecmd.exe 2011-09-22 11:01 . 2012-01-12 15:26 278664 ----a-w- c:\program files (x86)\ecls.exe 2011-09-22 11:00 . 2012-01-12 15:26 346728 ----a-w- c:\program files (x86)\eguiAmon.dll 2011-09-22 11:00 . 2012-01-12 15:26 70176 ----a-w- c:\program files (x86)\callmsi.exe 2011-09-21 19:33 . 2012-01-12 15:43 369708 ----a-w- c:\program files (x86)\SS64NL.exe 2011-09-21 18:09 . 2012-01-12 15:13 369686 ----a-w- c:\program files (x86)\EAV64NL.exe 2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\ekrnParentalLang.dll 2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\eguiParentalLang.dll 2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnHipsLang.dll 2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiHipsLang.dll 2009-08-11 12:37 . 2012-01-12 15:26 1655296 ----a-w- c:\program files (x86)\mfc80u.dll 2009-08-11 12:37 . 2012-01-12 15:26 802640 ----a-w- c:\program files (x86)\msvcr80.dll 2009-08-11 12:37 . 2012-01-12 15:26 1068368 ----a-w- c:\program files (x86)\msvcp80.dll 2008-09-12 13:42 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysRescueLang.dll 2008-07-14 08:10 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgTbSmonLang.dll 2008-07-14 08:10 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgTbLang.dll 2008-05-19 13:47 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysInspectorLang.dll 2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnDmonLang.dll 2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiDmonLang.dll 2007-09-12 08:45 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eclsLang.dll 2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnMailPluginsLang.dll 2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiMailPluginsLang.dll 2007-07-12 14:12 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOESmonLang.dll 2007-07-12 14:12 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgOELang.dll 2007-05-29 14:04 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ShellExtLang.dll 2007-05-10 15:22 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOutlookSmonLang.dll 2007-05-10 07:59 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnScanLang.dll 2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiLang.dll 2007-04-25 13:09 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\ekrnSmonLang.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ContactKeeper Birthday reminder"="c:\program files (x86)\ContactKeeper\ContactKeeper.exe" [2011-11-11 921600] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe" [2008-09-10 90112] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368] "PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984] "PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992] "PDFHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192] "PDF5 Registry Controller"="c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752] "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-9-22 110592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] R3 Droppix Service;Droppix Service;c:\program files (x86)\Common Files\Droppix\DxService.exe [2009-08-28 221184] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848] R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416] R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096] R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-06-12 40144] R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-06-12 41680] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328] R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech Webcam 300(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1255736] R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496] S0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-11-15 19264] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432] S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S2 {6E090BD5-4EF5-4bf0-A968-74049E88E935};Power Control [2011/05/09 19:58];c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [2010-01-25 10:32 146928] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/05/10 00:09];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2009-09-01 14:59 146928] S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176] S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-10-26 37280] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2011-12-02 8704] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-10 13336] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2012-10-26 66560] S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672] S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2008-05-01 4510504] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-24 29288] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960] S3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576] S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [2008-09-23 34840] S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-11-30 13728] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-05-09 82816] S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-11-15 18832] S3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [2012-11-15 35328] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-11-15 250984] S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-11-30 81312] S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2008-03-17 17192] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:58] . 2012-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56] . 2012-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-11-15 12503184] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Openen in PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm TCP: DhcpNameServer = 88.159.1.200 88.159.1.201 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) WebBrowser-{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2} - (no file) ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file) ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file) ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file) ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe . . "ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.] . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{6E090BD5-4EF5-4bf0-A968-74049E88E935}] "ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FotoManager.8.alb" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.eps" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.gif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.iff" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.pcd" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.png" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tga" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tiff" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\png*¾Zdab|Aˆ] "0"=hex:14,00,1f,44,47,1a,03,59,72,3f,a7,44,89,c5,55,95,fe,6b,30,ee,20,00,00, 00,1a,00,ee,bb,fe,23,00,00,10,00,30,81,e2,33,1e,4e,76,46,83,5a,98,39,5c,3b,\ "MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\png*E¥ÓtE¥Ót¾Zsa{†Ÿr] "0"=hex:14,00,1f,44,47,1a,03,59,72,3f,a7,44,89,c5,55,95,fe,6b,30,ee,20,00,00, 00,1a,00,ee,bb,fe,23,00,00,10,00,30,81,e2,33,1e,4e,76,46,83,5a,98,39,5c,3b,\ "MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*¾Zdab|Aˆ] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*¾Zdab|Aˆ\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*E¥ÓtE¥Ót¾Zsa{†Ÿr] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*E¥ÓtE¥Ót¾Zsa{†Ÿr\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥|uE¥|u¾ZîkhŽ™ˆÈ–2*½2*x’2*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥|uE¥|u¾ZîkhŽ™ˆÈ–2*½2*x’2*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ vE¥ v¾Zõ`Ž¯B<˜&*<»&*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ vE¥ v¾Zõ`Ž¯B<˜&*<»&*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥€vE¥€v¾Z^Âtx¸l”(*l·(*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥€vE¥€v¾Z^Âtx¸l”(*l·(*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ÒvE¥Òv¾ZÊ`Ef]¨–*ô¼*X’*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ÒvE¥Òv¾ZÊ`Ef]¨–*ô¼*X’*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥uE¥u¾Z0a„Nîü—D*üºD*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥uE¥u¾Z0a„Nîü—D*üºD*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥?uE¥?u¾ZadÉË%5H–(*”¼(*ø‘(*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥?uE¥?u¾ZadÉË%5H–(*”¼(*ø‘(*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥NuE¥Nu¾Zóc‹ßÒ(”=*tº=*Ø=*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥NuE¥Nu¾Zóc‹ßÒ(”=*tº=*Ø=*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥§uE¥§u¾Zggž(—@*t½@*Ø’@*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥§uE¥§u¾Zggž(—@*t½@*Ø’@*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*png*¾Zdab|Aˆ] "0"=hex:61,00,6c,00,69,00,63,00,6a,00,65,00,32,00,2e,00,70,6e,67,00,be,5a,64, 61,62,7c,41,88,10,01,00,00,8a,00,36,00,00,00,00,00,00,00,00,00,00,00,61,00,\ "MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*png*E¥ÓtE¥Ót¾Zsa{†Ÿr] "0"=hex:61,00,6c,00,69,00,63,00,6a,00,65,00,33,00,2e,00,70,6e,67,00,45,a5,d3, 74,45,a5,d3,74,be,5a,73,61,7b,86,9f,72,10,01,00,00,9a,00,36,00,00,00,00,00,\ "MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-07 22:39:52 ComboFix-quarantined-files.txt 2012-12-07 21:39 ComboFix2.txt 2012-12-01 20:44 . Pre-Run: 472.466.956.288 bytes beschikbaar Post-Run: 472.537.100.288 bytes beschikbaar . - - End Of File - - B1E567B6B42D8E5B85DE92A565505488 AdwCleaner is nergens terug te vinden, kwam ook overigens nooit op bureaublad te staan, kreeg geen keuze mogelijkheid. dus hiermee niets kunnen doen nu. De map C:\Qoobox kon ik niet verwijderen, krijg de melding dat ik niet gemachtigd ben. En als mijn pc uitvalt krijg ik geen flits van een blauw scherm, hij valt dan meteen uit en start opnieuw weer op. dus ik zie niet de oorzaak op 't scherm. zou idd wel gemakkelijker zijn maar helaas. Ik heb de pc nu niet kunnen testen, maar doe dit de komende dagen en laat het u weer weten. Alvast weer mijn hartelijke dank voor uw hulp en duidelijke instructie's fijn weekend!! vr. gr.
-
AdwCleaner log: # AdwCleaner v2.011 - Verslag gemaakt op 06/12/2012 om 22:10:42 # Geactualiseerd op 02/12/2012 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : MIEKE - MIEKE-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\MIEKE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K81TOOPU\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Verwijdert : C:\Program Files (x86)\Application Updater Map Verwijdert : C:\Program Files (x86)\Common Files\spigot Map Verwijdert : C:\Program Files (x86)\Conduit Map Verwijdert : C:\Program Files (x86)\ConduitEngine Map Verwijdert : C:\Program Files (x86)\FileConverter_1.4 Map Verwijdert : C:\Program Files (x86)\MyAshampoo Map Verwijdert : C:\Program Files (x86)\pdfforge Toolbar Map Verwijdert : C:\Program Files (x86)\WiseConvert Map Verwijdert : C:\ProgramData\Partner Map Verwijdert : C:\Users\MIEKE\AppData\Local\Conduit Map Verwijdert : C:\Users\MIEKE\AppData\Local\Ilivid Player Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\Conduit Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\ConduitEngine Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\facemoods.com Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\FileConverter_1.4 Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\MyAshampoo Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\pdfforge Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\PriceGong Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\Search Settings Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\Toolbar4 Map Verwijdert : C:\Users\MIEKE\AppData\LocalLow\WiseConvert Map Verwijdert : C:\Users\MIEKE\AppData\Roaming\OpenCandy ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\conduitEngine Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\FileConverter_1.4 Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\MyAshampoo Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\pdfforge Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Search Settings Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\WiseConvert Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijdert : HKCU\Software\facemoods.com Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Sleutel Verwijdert : HKCU\Software\pdfforge Sleutel Verwijdert : HKCU\Software\Search Settings Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKLM\Software\Application Updater Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Conduit.Engine Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2475029 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3008653 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3196716 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3241951 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\conduitEngine Sleutel Verwijdert : HKLM\Software\facemoods.com Sleutel Verwijdert : HKLM\Software\FileConverter_1.4 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{988ABD7F-C363-4605-A81F-5751A690548E} Sleutel Verwijdert : HKLM\Software\MyAshampoo Sleutel Verwijdert : HKLM\Software\pdfforge Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\Software\Search Settings Sleutel Verwijdert : HKLM\Software\WiseConvert Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{988ABD7F-C363-4605-A81F-5751A690548E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F6D4856-486F-46C2-9DB3-D49B3E56AB15} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89046790-01F1-4F32-B338-B56E04E3FEF0} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A10294A4-8395-4B58-AEDF-56B2208B8024} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD8DA381-18AE-4F6D-BCE1-21486288E06A} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF96C6DC-1BB6-4540-A734-75E45EF65024} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6898F41-DA81-4829-A5B8-EAC5BBA7E1C9} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FileConverter_1.4 Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9} Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{296AA17D-C89E-4242-A5A4-44BFE76914A2}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{296AA17D-C89E-4242-A5A4-44BFE76914A2}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16455 Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=2937&new=true --> hxxp://www.google.com Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\MIEKE\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijdert [l.11] : homepage = "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937", Verwijdert [l.206] : homepage = "hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937", ************************* AdwCleaner[s1].txt - [14441 octets] - [06/12/2012 22:10:42] ########## EOF - C:\AdwCleaner[s1].txt - [14502 octets] ########## Hjtackthis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:16:48, on 6-12-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Cyberlink\Shared files\brs.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe L:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe" /Reminder O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Openen in PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Unknown owner - C:\Program Files (x86)\Common Files\Droppix\DxService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12710 bytes ______________________________________________________________________ Ik had inderdaad nog steeds last van dat de pc zomaar uitviel. Bedankt voor uw hulp alvast. Wat moet ik nu verder doen? vr. groeten
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:20:59, on 6-12-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files (x86)\Protected Search\ProtectedSearch.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Cyberlink\Shared files\brs.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe L:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Certified-Toolbar Search= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.6\pdfforgeToolbarIE.dll R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.6\pdfforgeToolbarIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.6\pdfforgeToolbarIE.dll O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.6\ytdToolbarIE.dll O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe" /Reminder O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Openen in PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Unknown owner - C:\Program Files (x86)\Common Files\Droppix\DxService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14040 bytes groetjes
-
http://speccy.piriform.com/results/kznbK7RkVwJbEM8do8Aw80B gr.
-
Beste Kape, waarschijnlijk heb je het te druk maar zou je me aub nog verder kunnen helpen als je tijd hebt? of kan ik er nu verder niets meer aan doen? vr.gr. Romijo
-
even enkele dingen getest kan nu geen vreemde dingen ontdekken. alleen als ik naar programma's en onderdelen wil gaan, daar is hij 't niet mee eens en sluit zich af. Niet elke keer maar wel vaak. En Ai, Ai, ben nu mij favorite progje kwijt Adobephotoshop elements 10, had hem van de newsserver Eweka/spotnet en als ik hem opnieuw ga binnen halen zal de pc het natuurlijk niet meer accepteren poeh, poeh, wat nu, maar goed we kijken wel hoe we dit op kunnen lossen. Hopelijk kun je me nog verder helpen met bovenstaande (sluit zich af) gr.
-
Heel even tussendoor bezig geweest maar moet zo weer gaan, ik ging naar programma's en onderdelen om ook schoon schip daar te maken, maar tot 2x toe valt de computer weer uit. later vanavond de rest even testen. gr.
-
Goedemorgen Kape, ik kan nu alleen maar effe tussendoor testen en dat gaat tot nu toe goed, mijn Moeder ligt in ZKH, vanavond later kan ik hem uitgebreider testen en laat ik het weten, alvast mijn hartelijke dank!! en nog een fijne zondag. tot later. vr.gr.
-
ComboFix 12-12-01.02 - MIEKE 01-12-2012 21:14:45.3.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4087.2614 [GMT 1:00] Gestart vanuit: c:\users\MIEKE\Desktop\ComboFix.exe AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET Persoonlijke firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\MIEKE\AppData\Roaming\vso_ts_preview.xml . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-01 to 2012-12-01 )))))))))))))))))))))))))))))) . . 2012-12-01 20:27 . 2012-12-01 20:27 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-12-01 20:27 . 2012-12-01 20:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-01 10:16 . 2012-12-01 10:16 -------- d-----w- c:\program files\Speccy 2012-11-30 10:03 . 2012-11-30 10:03 161905 ----a-w- c:\windows\Animated Screensaver Maker Uninstaller.exe 2012-11-30 10:03 . 2012-11-30 10:03 -------- d-----w- c:\program files (x86)\Animated Screensaver Maker 2012-11-30 08:21 . 2012-11-30 08:21 81312 ----a-w- c:\windows\system32\drivers\wachidrouter.sys 2012-11-30 08:21 . 2012-11-30 08:21 13728 ----a-w- c:\windows\system32\drivers\hidkmdf.sys 2012-11-28 12:03 . 2012-11-28 12:03 -------- d-----w- c:\users\MIEKE\Nieuwe map 2012-11-28 10:42 . 2012-11-28 10:42 -------- d-----w- c:\users\MIEKE\AppData\Local\Spotnet 2012-11-28 10:41 . 2012-11-28 10:46 -------- d-----w- c:\programdata\Spotnet 2012-11-28 10:41 . 2012-11-28 10:41 -------- d-----w- c:\program files (x86)\Spotnet 2012-11-24 16:37 . 2012-11-24 17:04 -------- d-----w- c:\program files (x86)\Burrrn 2012-11-21 22:43 . 2012-11-21 23:05 -------- d-----w- c:\users\MIEKE\AppData\Roaming\Light Developer 2012-11-21 22:41 . 2012-11-21 22:43 -------- d-----w- c:\program files\Light Developer 2012-11-21 22:10 . 2012-11-21 22:30 -------- d-----w- c:\users\MIEKE\AppData\Roaming\onOne Software 2012-11-21 22:08 . 2012-11-21 22:08 -------- d-----w- c:\program files\onOne Software 2012-11-21 22:08 . 2012-11-21 22:08 -------- d-----w- c:\program files (x86)\onOne Software 2012-11-21 22:08 . 2012-10-26 13:19 66560 ----a-w- c:\windows\SysWow64\nlssrv32.exe 2012-11-21 22:08 . 2012-11-21 22:09 -------- d-----w- c:\programdata\onOne Software 2012-11-21 22:08 . 2012-10-26 13:19 66560 ----a-w- c:\windows\system32\nlssrv32.exe 2012-11-19 16:18 . 2012-11-19 16:18 -------- d-----w- c:\users\UpdatusUser 2012-11-19 16:10 . 2012-10-08 11:23 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-11-19 16:08 . 2012-10-17 01:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFFC50E9-A7A2-4580-9601-C94B2C6D5CB5}\mpengine.dll 2012-11-19 16:08 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-19 16:08 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll 2012-11-19 16:08 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-11-17 15:35 . 2012-11-18 17:30 -------- d-----w- c:\users\MIEKE\.calme 2012-11-17 14:21 . 2012-11-17 14:21 -------- d-----w- c:\users\MIEKE\AppData\Local\Avanquest North America 2012-11-15 23:08 . 2012-11-15 23:08 120920 ----a-w- c:\windows\system32\drivers\jraid.sys 2012-11-15 23:07 . 2012-11-15 23:07 35328 ----a-w- c:\windows\system32\drivers\pmserenum.sys 2012-11-15 22:55 . 2012-11-15 22:55 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys 2012-11-15 22:55 . 2012-11-15 22:55 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2012-11-15 22:55 . 2012-11-15 22:55 9888360 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2012-11-15 22:55 . 2012-11-15 22:55 422504 ----a-w- c:\windows\system32\RtsUStor.dll 2012-11-15 22:55 . 2012-11-15 22:55 250984 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2012-11-15 22:49 . 2012-11-15 22:49 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys 2012-11-14 23:50 . 2012-11-14 23:50 -------- d-----w- c:\programdata\Uniblue 2012-11-08 13:19 . 2012-11-08 13:19 -------- d-----w- c:\users\MIEKE\AppData\Roaming\mojosoft 2012-11-08 13:19 . 2012-11-08 13:19 -------- d-----w- c:\program files (x86)\mojosoft 2012-11-04 00:04 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-04 00:04 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-11-03 14:59 . 2012-11-03 14:59 -------- d-----w- c:\programdata\RonyaSoft 2012-11-03 14:44 . 2012-11-03 14:49 -------- d-----w- c:\users\MIEKE\AppData\Roaming\The Complete Genealogy Reporter 2012-11-03 14:44 . 2012-11-03 14:45 -------- d-----w- c:\users\MIEKE\AppData\Roaming\The Complete Genealogy Builder 2012-11-03 14:42 . 2004-12-07 10:11 258352 ----a-w- c:\windows\SysWow64\unicows.dll 2012-11-01 22:19 . 2012-11-01 22:19 -------- d-----w- c:\program files (x86)\Protected Search 2012-11-01 22:19 . 2012-08-30 02:01 15432 ----a-w- c:\windows\Launcher.exe 2012-11-01 22:18 . 2012-11-01 22:22 -------- d-----w- c:\users\MIEKE\AppData\Local\DownTango 2012-11-01 22:18 . 2012-11-01 22:18 -------- d-----w- c:\program files (x86)\Red Sky . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-19 16:09 . 2011-05-09 19:07 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-11-10 15:37 . 2010-12-30 22:27 31301632 ----a-w- c:\windows\SysWow64\common_res.dll 2012-11-07 20:58 . 2012-03-30 11:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-07 20:58 . 2011-06-09 07:08 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-10 20:23 . 2010-03-16 04:19 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-10 20:22 . 2012-10-10 20:22 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-02 19:51 . 2010-07-09 14:27 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2010-07-09 14:27 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2010-07-09 14:27 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2010-07-09 14:27 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:50 . 2010-02-17 08:47 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2010-02-17 08:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-29 18:54 . 2012-04-10 19:13 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-24 21:16 . 2012-10-21 11:38 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-12 16:21 . 2012-08-01 13:52 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2012-09-12 16:21 . 2012-08-01 13:52 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2012-09-12 16:21 . 2012-08-01 13:52 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2012-09-12 16:21 . 2012-08-01 13:52 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2012-09-06 21:12 . 2012-05-06 14:57 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-09-06 21:12 . 2011-07-22 07:04 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-12-08 06:06 . 2012-01-12 15:43 1261568 ----a-w- c:\program files (x86)\ess.msi 2011-12-08 06:01 . 2012-01-12 15:26 1245184 ----a-w- c:\program files (x86)\eav.msi 2011-10-10 11:55 . 2011-10-11 21:52 2254848 ----a-w- c:\program files (x86)\sp_setup.msi 2011-09-22 11:12 . 2012-01-12 15:26 375056 ----a-w- c:\program files (x86)\updater.dll 2011-09-22 11:11 . 2012-01-12 15:26 561480 ----a-w- c:\program files (x86)\eguiUpdate.dll 2011-09-22 11:11 . 2012-01-12 15:26 1694992 ----a-w- c:\program files (x86)\SysRescue.exe 2011-09-22 11:10 . 2012-01-12 15:26 1877272 ----a-w- c:\program files (x86)\SysInspector.exe 2011-09-22 11:10 . 2012-01-12 15:26 196848 ----a-w- c:\program files (x86)\shellExt.dll 2011-09-22 11:09 . 2012-01-12 15:26 380200 ----a-w- c:\program files (x86)\eplgOutlook.dll 2011-09-22 11:09 . 2012-01-12 15:26 403384 ----a-w- c:\program files (x86)\eplgOE.dll 2011-09-22 11:09 . 2012-01-12 15:26 11976 ----a-w- c:\program files (x86)\eplgHooks.dll 2011-09-22 11:09 . 2012-01-12 15:26 107768 ----a-w- c:\program files (x86)\eguiMailPlugins.dll 2011-09-22 11:07 . 2012-01-12 15:26 136120 ----a-w- c:\program files (x86)\http_dll.dll 2011-09-22 11:07 . 2012-01-12 15:26 36192 ----a-w- c:\program files (x86)\EHttpSrv.exe 2011-09-22 11:07 . 2012-01-12 15:26 246288 ----a-w- c:\program files (x86)\eguiHips.dll 2011-09-22 11:06 . 2012-01-12 15:43 500168 ----a-w- c:\program files (x86)\eplgOutlookSmon.dll 2011-09-22 11:06 . 2012-01-12 15:43 442512 ----a-w- c:\program files (x86)\eplgOESmon.dll 2011-09-22 11:06 . 2012-01-12 15:43 224152 ----a-w- c:\program files (x86)\eguiSmon.dll 2011-09-22 11:05 . 2012-01-12 15:26 556848 ----a-w- c:\program files (x86)\eguiScan.dll 2011-09-22 11:04 . 2012-01-12 15:26 1648672 ----a-w- c:\program files (x86)\eguiEpfw.dll 2011-09-22 11:04 . 2012-01-12 15:43 744856 ----a-w- c:\program files (x86)\eguiParental.dll 2011-09-22 11:03 . 2012-01-12 15:26 25904 ----a-w- c:\program files (x86)\eh64.exe 2011-09-22 11:03 . 2012-01-12 15:26 4035152 ----a-w- c:\program files (x86)\egui.exe 2011-09-22 11:03 . 2012-01-12 15:26 909024 ----a-w- c:\program files (x86)\eguiProductRcd.dll 2011-09-22 11:02 . 2012-01-12 15:26 896664 ----a-w- c:\program files (x86)\eguiProduct.dll 2011-09-22 11:02 . 2012-01-12 15:26 254016 ----a-w- c:\program files (x86)\eplgOEEmon.dll 2011-09-22 11:02 . 2012-01-12 15:26 234952 ----a-w- c:\program files (x86)\eplgOutlookEmon.dll 2011-09-22 11:02 . 2012-01-12 15:26 120128 ----a-w- c:\program files (x86)\eguiEmon.dll 2011-09-22 11:01 . 2012-01-12 15:26 43408 ----a-w- c:\program files (x86)\eeclnt.exe 2011-09-22 11:01 . 2012-01-12 15:26 115008 ----a-w- c:\program files (x86)\eguiDmon.dll 2011-09-22 11:01 . 2012-01-12 15:26 167472 ----a-w- c:\program files (x86)\DMON.dll 2011-09-22 11:01 . 2012-01-12 15:26 46480 ----a-w- c:\program files (x86)\ecmd.exe 2011-09-22 11:01 . 2012-01-12 15:26 278664 ----a-w- c:\program files (x86)\ecls.exe 2011-09-22 11:00 . 2012-01-12 15:26 346728 ----a-w- c:\program files (x86)\eguiAmon.dll 2011-09-22 11:00 . 2012-01-12 15:26 70176 ----a-w- c:\program files (x86)\callmsi.exe 2011-09-21 19:33 . 2012-01-12 15:43 369708 ----a-w- c:\program files (x86)\SS64NL.exe 2011-09-21 18:09 . 2012-01-12 15:13 369686 ----a-w- c:\program files (x86)\EAV64NL.exe 2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\ekrnParentalLang.dll 2010-09-20 11:24 . 2012-01-12 15:43 0 ----a-r- c:\program files (x86)\eguiParentalLang.dll 2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnHipsLang.dll 2010-08-24 12:46 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiHipsLang.dll 2010-01-26 10:11 . 2011-12-03 22:35 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe 2009-08-11 12:37 . 2012-01-12 15:26 1655296 ----a-w- c:\program files (x86)\mfc80u.dll 2009-08-11 12:37 . 2012-01-12 15:26 802640 ----a-w- c:\program files (x86)\msvcr80.dll 2009-08-11 12:37 . 2012-01-12 15:26 1068368 ----a-w- c:\program files (x86)\msvcp80.dll 2008-09-12 13:42 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysRescueLang.dll 2008-07-14 08:10 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgTbSmonLang.dll 2008-07-14 08:10 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgTbLang.dll 2008-05-19 13:47 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\SysInspectorLang.dll 2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnDmonLang.dll 2008-04-23 11:44 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiDmonLang.dll 2007-09-12 08:45 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eclsLang.dll 2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnMailPluginsLang.dll 2007-08-07 07:13 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiMailPluginsLang.dll 2007-07-12 14:12 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOESmonLang.dll 2007-07-12 14:12 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eplgOELang.dll 2007-05-29 14:04 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ShellExtLang.dll 2007-05-10 15:22 . 2012-01-12 15:43 0 ----a-w- c:\program files (x86)\eplgOutlookSmonLang.dll 2007-05-10 07:59 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\ekrnScanLang.dll 2007-04-25 13:09 . 2012-01-12 15:26 0 ----a-w- c:\program files (x86)\eguiLang.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ContactKeeper Birthday reminder"="c:\program files (x86)\ContactKeeper\ContactKeeper.exe" [2011-11-11 921600] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016] "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe" [2008-09-10 90112] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368] "PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984] "PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992] "PDFHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192] "PDF5 Registry Controller"="c:\program files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752] "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-09-29 766536] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-9-22 110592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] R3 Droppix Service;Droppix Service;c:\program files (x86)\Common Files\Droppix\DxService.exe [2009-08-28 221184] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848] R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416] R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096] R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-06-12 40144] R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-06-12 41680] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328] R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech Webcam 300(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-09 1255736] R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496] S0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-11-15 19264] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432] S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S2 {6E090BD5-4EF5-4bf0-A968-74049E88E935};Power Control [2011/05/09 19:58];c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [2010-01-25 10:32 146928] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/05/10 00:09];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2009-09-01 14:59 146928] S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [2010-11-18 224176] S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2011-10-26 37280] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-10-09 799112] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-01-23 1858048] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2011-12-02 8704] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-10 13336] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2012-10-26 66560] S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672] S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2008-05-01 4510504] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-24 29288] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960] S3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576] S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [2008-09-23 34840] S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys [2012-11-30 13728] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-05-09 82816] S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-11-15 18832] S3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [2012-11-15 35328] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-11-15 250984] S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys [2012-11-30 81312] S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2008-03-17 17192] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - CPUZ135 *Deregistered* - cpuz135 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-12-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:58] . 2012-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56] . 2012-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-03 19:56] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-11-15 12503184] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uLocal Page = c:\windows\system32\blank.htm uSearch Page = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q= mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Openen in PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm TCP: DhcpNameServer = 88.159.1.200 88.159.1.201 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file) WebBrowser-{296AA17D-C89E-4242-A5A4-44BFE76914A2} - (no file) WebBrowser-{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2} - (no file) ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file) ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file) ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file) ShellIconOverlayIdentifiers-{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe . . "ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.] . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{6E090BD5-4EF5-4bf0-A968-74049E88E935}] "ImagePath"="\??\c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FotoManager.8.alb" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.eps" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.gif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.iff" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.pcd" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.png" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tga" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tiff" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥|uE¥|u¾ZîkhŽ™ˆÈ–2*½2*x’2*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥|uE¥|u¾ZîkhŽ™ˆÈ–2*½2*x’2*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ vE¥ v¾Zõ`Ž¯B<˜&*<»&*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ vE¥ v¾Zõ`Ž¯B<˜&*<»&*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥€vE¥€v¾Z^Âtx¸l”(*l·(*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥€vE¥€v¾Z^Âtx¸l”(*l·(*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ÒvE¥Òv¾ZÊ`Ef]¨–*ô¼*X’*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*png*þÿÿÿE¥ÒvE¥Òv¾ZÊ`Ef]¨–*ô¼*X’*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥uE¥u¾Z0a„Nîü—D*üºD*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥uE¥u¾Z0a„Nîü—D*üºD*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥?uE¥?u¾ZadÉË%5H–(*”¼(*ø‘(*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥?uE¥?u¾ZadÉË%5H–(*”¼(*ø‘(*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥NuE¥Nu¾Zóc‹ßÒ(”=*tº=*Ø=*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥NuE¥Nu¾Zóc‹ßÒ(”=*tº=*Ø=*\OpenWithList] @Class="Shell" . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥§uE¥§u¾Zggž(—@*t½@*Ø’@*] @Class="Shell" @Allowed: (Read) (RestrictedCode) . [HKEY_USERS\S-1-5-21-2245337307-2652089892-1536042135-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*þÿÿÿE¥§uE¥§u¾Zggž(—@*t½@*Ø’@*\OpenWithList] @Class="Shell" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-01 21:44:05 ComboFix-quarantined-files.txt 2012-12-01 20:44 . Pre-Run: 481.112.887.296 bytes beschikbaar Post-Run: 481.171.296.256 bytes beschikbaar . - - End Of File - - F43028DFCECE1A340B2AEEED1E77E14E gr.
-
Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.12.01.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 MIEKE :: MIEKE-PC [administrator] 1-12-2012 17:50:18 mbam-log-2012-12-01 (17-50-18).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 236381 Verstreken tijd: 4 minuut/minuten, 14 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) HiJtack logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:47:32, on 1-12-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files (x86)\Protected Search\ProtectedSearch.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Cyberlink\Shared files\brs.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe L:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe" /Reminder O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Openen in PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Unknown owner - C:\Program Files (x86)\Common Files\Droppix\DxService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12965 bytes gr.
-
ben naar start gegaan etc opdrachtpromp en zie alleen het volgende
-
Scan saved at 13:09:16, on 1-12-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files (x86)\Protected Search\ProtectedSearch.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Cyberlink\Shared files\brs.exe C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe L:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Certified-Toolbar Search= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Certified-Toolbar Search= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Certified-Toolbar Search= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Certified-Toolbar Search= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Certified-Toolbar Search= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Certified-Toolbar Search= R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Certified-Toolbar Search R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Certified-Toolbar Search= R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Home Page} R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Certified-Toolbar Search= R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.5\ytdToolbarIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: FileConverter 1.4 - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - C:\Program Files (x86)\FileConverter_1.4\prxtbFile.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: WiseConvert - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWis0.dll O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.5\ytdToolbarIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWis0.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O3 - Toolbar: FileConverter 1.4 Toolbar - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - C:\Program Files (x86)\FileConverter_1.4\prxtbFile.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.5\ytdToolbarIE.dll O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files (x86)\ContactKeeper\ContactKeeper.exe" /Reminder O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2245337307-2652089892-1536042135-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Openen in PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Unknown owner - C:\Program Files (x86)\Common Files\Droppix\DxService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
-
Ik heb het precies zo gedaan, ennuh.... verwijderen hij staat niet eens in het lijstje meer bij programma's en onderdelen, en ga ik hem downloaden volgens jullie instructie's dan komt hij al meteen in beeld ook als ik zeg eerst opslaan, maar op mijn pc kan ik hem nergens vinden om te verwijderen raar maar waar. gr.
-
Dank weer voor jullie hulp, deze link is van speccy http://speccy.piriform.com/results/i7sL0FeI03pCwppEUHD2hwh Maar hijack this lukt niet blijkbaar staat hij ergens onzichtbaar op de pc als ik hem download komt ie meteen in beeld kan hem ook niet in de map vinden en als ik hem bij programma's en onderdelen verwijder lukt dat wel maar voorgaande herhaald zich dan opnieuw zie bovenstaand openingsbericht (had het verkeerd geschreven Hijtack) vr.gr.
-
Hallo beste helpers, daar ben ik weer, heb het probleem dat mijn pc steeds weer uitvalt als ik iets bekijk en nog eens niet altijd filmpje, ook bij een spelletje te spelen online en nu ook af en toe als ik ofline werk en dat is knap lastig als je weer alles verliest doordat pc afsluit. ik kon strakjes zelfs niet meer in programma's en onderdelen komen tot 3x toe achter elkaar viel mijn pc weer uit sluit een overzicht bij van informatie over mijn desktop [ATTACH=CONFIG]22763[/ATTACH] ik heb ccleaner alles weer schoon laten maken en ook register van fouten hersteld nu wilde ik Hijtack starten maar kan hem niet meer als administrator uitvoeren dan ga ik naar althans dat wilde ik naar mico.... maar nergens te vinden bij programma's en onderdelen verwijderd opnieuw willen downloaden maar dit alles lukt ook niet hij komt wel te voorschijn maar niet als administrator Kon dus niet een logje plaatsen hopelijk kunnen jullie me weer verder helpen want ik denk dat er weer flink wat mis is op mijn Maatje zo noem ik mijn PC O vergeet ik nog kan ook vaak linkjes niet openen als ik op een betrouwbare site ben nu ook weer problemen om dit naar jullie te zenden. vr gr Romijo
-
Hallo beste helpers, daar ben ik weer, heb het probleem dat mijn pc steeds weer uitvalt als ik iets bekijk en nog eens niet altijd filmpje, ook bij een spelletje te spelen online en nu ook af en toe als ik ofline werk en dat is knap lastig als je weer alles verliest doordat pc afsluit. ik kon strakjes zelfs niet meer in programma's en onderdelen komen tot 3x toe achter elkaar viel mijn pc weer uit sluit een overzicht bij van informatie over mijn desktop ik heb ccleaner alles weer schoon laten maken en ook register van fouten hersteld nu wilde ik Hijtack starten maar kan hem niet meer als administrator uitvoeren dan ga ik naar althans dat wilde ik naar mico.... maar nergens te vinden bij programma's en onderdelen verwijderd opnieuw willen downloaden maar dit alles lukt ook niet hij komt wel te voorschijn maar niet als administrator Kon dus niet een logje plaatsen hopelijk kunnen jullie me weer verder helpen want ik denk dat er weer flink wat mis is op mijn Maatje zo noem ik mijn PC
-
Heb ik gedaan, ben er superblij mee dat dit weer is opgelost, het is toch fantastisch dat dit kan op afstand, je hebt me duidelijke instructies gegeven daardoor is het dan ook gelukt. Geweldig!!!!! veel dank voor al je hulp SUPER !!!!! BEDANKT BEDANKT BEDANKT !!!!!!! en nog een fijn weekend toegewenst verder. vr.gr. Romijo
-
2x combofix verwijderd handmatig, Qoobox gezocht die staat nergens, ik kwam wel het volgende tegen moet ik daar nog iets mee doen ? ( laten staan /verwijderen) CCleaner afgewerkt. systeembeveiliging gedaan wat je zei, maar nu is dan systeembeveiliging uitgeschakeld denk ik moet dat ook? verder alles klaar opnieuw opgestart wacht toch nog even op je antwoord voordat ik opgelost aanklik vr.gr.
-
oke dan kan ik nu 't lijstje even afwerken dank je hopelijk gaat 't verder goed vr.gr.
-
Ben het nog eens gaan proberen en krijg nu het volgende te zien tot 2x toe geprobeerd. de tooltjes blijven beiden staan in downloads en bureaublad. vr.gr.
-
---------- Post toegevoegd om 21:06 ---------- Vorige post was om 21:04 ---------- ik bedoelde zal even kijken, maar heb ik inmiddels gedaan en hij staat in downloads en op bureaublad ---------- Post toegevoegd om 21:08 ---------- Vorige post was om 21:06 ---------- en is geen map maar gewoon beiden zijn de tooltjes
-
Kan het zijn omdat hij op 2 plaatsten staat? in downloads en bureaublad ---------- Post toegevoegd om 21:01 ---------- Vorige post was om 20:58 ---------- heb het tooltje gebruikt en hij zegt eerste instantie niet correct nog een keer en zegt done moet ik dan nog wat doen? combofix staat er nog wel
