Ga naar inhoud

Lammert

Lid
  • Items

    29
  • Registratiedatum

  • Laatst bezocht

Lammert's prestaties

  1. Hallo Mako, Hier is ZHPdiag log file. Grt. Lammert ZHPDiag.txt
  2. Hallo Mako Hier is de Adwcleaner (so) logje na verwijdering. Grt.Lammert AdwCleaner[S0].txt
  3. Hallo Mako, Heb maar even een nieuw berichtje gemaakt. Hier het ADWcleaner logje. Grt. L AdwCleaner[R0].txt
  4. Ik heb een fout gemaakt mijn PC is opnieuw opgestart ik weet nu niet waar het MBAN logje staat Grt. L - - - Updated - - - Hoi Mako, Hier is het Mbam logje ik heb hem gevonden Grt. L - - - Updated - - - Hallo Mako, Hier is Adwcleaner logje Grt. L MBAM.txt AdwCleaner[R0].txt
  5. Hallo Mako, Ik zag net jou bericht, de vorige reactie van mij kun je dus negeren. Dit is de nieuwste. Grt. Lammert zoek-results.log
  6. Hallo Mako, Hier de nieuwste log Grt. Lammert zoek-results.log
  7. Hier is het logje weer. Grt. L zoek-results.log
  8. Hier is het linkje nog sample_22-09-2014_1002.zip downloaden Grt. L
  9. Hier is het nieuwe logje Grt. Lammert zoek-results.log
  10. Hallo hier is het logje. Grt. L - - - Updated - - - Ik zie alleen geen sample op mijn bureaublad zoek-results.txt
  11. Ik heb een vermoeden dat er een mailware besmetting in mijn computer zit ,ik heb rsit 64 bits gedraaid en log.txt bij gevoegd. Kunnen jullie mij a.u.b helpen? Groet Lammert log.txt
  12. Ik heb ook problemen met mailware en heb daar om ook maar Rsit 64 bits gedraaid. Heb Log.txt toegevoegd log.txt
  13. Hier is hij weer. ComboFix 12-08-13.01 - Lammert 13-08-2012 20:18:12.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2935.1326 [GMT 2:00] Gestart vanuit: c:\users\Lammert\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Lammert\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Perion c:\program files (x86)\Perion\NewTab\data.txt c:\program files (x86)\Perion\NewTab\newTab.crx c:\programdata\Babylon c:\users\Lammert\AppData\Roaming\Babylon c:\users\Lammert\AppData\Roaming\Babylon\log_file.txt c:\users\Lammert\AppData\Roaming\BrowserCompanion . c:\windows\SysWow64\drivers\ntfs.sys . . . is geïnfecteerd!! . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))) . . 2012-08-13 18:33 . 2012-08-13 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-08 15:27 . 2012-08-08 15:29 -------- d-----w- c:\windows\SysWow64\MAGIX 2012-08-08 10:38 . 2012-08-08 10:38 -------- d-----w- c:\users\Lammert\AppData\Local\Spotify 2012-08-01 07:24 . 2012-08-01 07:24 -------- d-----w- c:\program files (x86)\Trend Micro 2012-07-31 20:22 . 2012-07-31 20:22 -------- d-----w- c:\users\Lammert\AppData\Roaming\Malwarebytes 2012-07-31 20:22 . 2012-07-31 20:22 -------- d-----w- c:\programdata\Malwarebytes 2012-07-31 19:53 . 2012-07-31 19:53 -------- d-----w- c:\users\Lammert\AppData\Roaming\SpeedyPC Software 2012-07-31 19:53 . 2012-07-31 19:53 -------- d-----w- c:\users\Lammert\AppData\Roaming\DriverCure 2012-07-31 19:53 . 2012-07-31 20:16 -------- d-----w- c:\programdata\SpeedyPC Software 2012-07-28 19:15 . 2012-07-29 06:50 -------- d-----w- c:\program files (x86)\hpmonitor 2012-07-28 19:14 . 2012-06-30 06:46 95744 ----a-w- c:\windows\system32\pdfcmon.dll 2012-07-28 19:14 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX 2012-07-28 19:14 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL 2012-07-28 19:14 . 2012-07-28 19:15 -------- d-----w- c:\program files (x86)\PDFCreator 2012-07-19 13:26 . 2012-07-22 11:24 -------- d-----w- c:\users\Lammert\AppData\Roaming\FreeCommander 2012-07-19 13:26 . 2012-07-19 13:26 -------- d-----w- c:\program files (x86)\FreeCommander . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-06 08:21 . 2012-03-31 06:45 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-06 08:21 . 2011-05-17 17:26 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 07:36 . 2010-03-02 19:50 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-05 09:27 . 2012-07-05 09:28 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ------w- c:\windows\SysWow64\msxml4.dll 2012-06-12 03:08 . 2012-07-11 07:44 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-06-09 05:43 . 2012-07-11 05:24 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-11 05:24 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-11 05:24 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-11 05:24 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-11 05:24 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-11 05:24 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-11 05:24 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-07-01 10:18 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-07-01 10:18 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-07-01 10:18 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-07-01 10:18 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-07-01 10:18 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-07-01 10:18 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-07-01 10:18 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-07-01 10:18 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-07-01 10:18 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 12:49 . 2012-07-11 07:34 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-06-02 12:17 . 2012-07-11 07:34 10924032 ----a-w- c:\windows\system32\ieframe.dll 2012-06-02 12:12 . 2012-07-11 07:34 2311680 ----a-w- c:\windows\system32\jscript9.dll 2012-06-02 12:05 . 2012-07-11 07:34 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-06-02 12:05 . 2012-07-11 07:34 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-06-02 12:04 . 2012-07-11 07:34 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-06-02 12:04 . 2012-07-11 07:34 237056 ----a-w- c:\windows\system32\url.dll 2012-06-02 12:03 . 2012-07-11 07:34 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-06-02 12:01 . 2012-07-11 07:34 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-06-02 12:00 . 2012-07-11 07:34 818688 ----a-w- c:\windows\system32\jscript.dll 2012-06-02 11:59 . 2012-07-11 07:34 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-06-02 11:57 . 2012-07-11 07:34 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-06-02 11:57 . 2012-07-11 07:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-06-02 11:54 . 2012-07-11 07:34 248320 ----a-w- c:\windows\system32\ieui.dll 2012-06-02 08:33 . 2012-07-11 07:34 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-06-02 08:25 . 2012-07-11 07:34 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-06-02 08:25 . 2012-07-11 07:34 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-06-02 08:20 . 2012-07-11 07:34 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-06-02 08:16 . 2012-07-11 07:34 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-06-02 05:50 . 2012-07-11 05:24 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-11 05:24 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48 . 2012-07-11 05:24 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:45 . 2012-07-11 05:24 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-11 05:24 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-11 05:24 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-11 05:24 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-11 05:24 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-11 05:24 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-13_15.57.44 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-14 05:10 . 2012-08-13 16:14 54554 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-03-02 17:06 . 2012-08-13 16:14 35966 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4115603503-1461586285-4172834887-1000_UserData.bin - 2012-08-13 15:57 . 2012-08-13 15:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-13 16:12 . 2012-08-13 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-13 15:57 . 2012-08-13 15:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-08-13 16:12 . 2012-08-13 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-01-09 10:50 . 2012-08-13 16:14 111732 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:01 . 2012-08-13 15:56 561776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-08-13 16:11 561776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-21 68856] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "NokiaPCInternetAccess"="c:\program files (x86)\Nokia\PC Internet Access\NPCIA.exe" [2009-09-17 663552] "Spotify Web Helper"="c:\users\Lammert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-31 932528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] . c:\users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer9"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-04-05 96768] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 135664] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-06 250056] R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-31 236544] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 tridhid;tridhid - USB 2.0 HID Driver;c:\windows\system32\drivers\tridhid6010.sys [2008-11-09 20992] R3 TridVid6010;Trident Analog plus Digital Video Device;c:\windows\system32\Drivers\TridVid6010.sys [2008-11-10 831744] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1255736] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-19 29416] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-04-05 8704] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-04 687400] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-26 233984] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 08:21] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 12:24] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 12:24] . 2012-08-10 c:\windows\Tasks\HPCeeScheduleForLammert.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-24 408600] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-09 171520] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-24 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-24 390168] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-26 2184520] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421 IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\sle170ep.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/ . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{B80F591E-FE9A-46CF-A13E-180377240586} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-08-13 20:36:58 ComboFix-quarantined-files.txt 2012-08-13 18:36 ComboFix2.txt 2012-08-13 16:03 ComboFix3.txt 2012-08-02 06:35 . Pre-Run: 136.382.648.320 bytes beschikbaar Post-Run: 136.075.481.088 bytes beschikbaar . - - End Of File - - B7F152105C57D06CD2A5887ABD427278
  14. Hier is de logfile, ComboFix 12-08-13.01 - Lammert 13-08-2012 17:44:25.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2935.1123 [GMT 2:00] Gestart vanuit: c:\users\Lammert\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\BrowserCompanion c:\program files (x86)\BrowserCompanion\logo.ico c:\program files (x86)\BrowserCompanion\terms.lnk.url . Besmet exemplaar van c:\windows\SysWow64\userinit.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\windows\erdnt\cache86\userinit.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))) . . 2012-08-13 15:54 . 2012-08-13 15:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-08 15:27 . 2012-08-08 15:29 -------- d-----w- c:\windows\SysWow64\MAGIX 2012-08-08 15:24 . 2012-08-10 13:07 -------- d-----w- c:\users\Lammert\AppData\Roaming\BrowserCompanion 2012-08-08 15:24 . 2012-08-08 15:24 -------- d-----w- c:\users\Lammert\AppData\Roaming\Babylon 2012-08-08 15:24 . 2012-08-08 15:24 -------- d-----w- c:\programdata\Babylon 2012-08-08 10:38 . 2012-08-08 10:38 -------- d-----w- c:\users\Lammert\AppData\Local\Spotify 2012-08-01 07:24 . 2012-08-01 07:24 -------- d-----w- c:\program files (x86)\Trend Micro 2012-07-31 20:22 . 2012-07-31 20:22 -------- d-----w- c:\users\Lammert\AppData\Roaming\Malwarebytes 2012-07-31 20:22 . 2012-07-31 20:22 -------- d-----w- c:\programdata\Malwarebytes 2012-07-31 19:53 . 2012-07-31 19:53 -------- d-----w- c:\users\Lammert\AppData\Roaming\SpeedyPC Software 2012-07-31 19:53 . 2012-07-31 19:53 -------- d-----w- c:\users\Lammert\AppData\Roaming\DriverCure 2012-07-31 19:53 . 2012-07-31 20:16 -------- d-----w- c:\programdata\SpeedyPC Software 2012-07-28 19:15 . 2012-07-29 06:50 -------- d-----w- c:\program files (x86)\hpmonitor 2012-07-28 19:14 . 2012-06-30 06:46 95744 ----a-w- c:\windows\system32\pdfcmon.dll 2012-07-28 19:14 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX 2012-07-28 19:14 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL 2012-07-28 19:14 . 2012-07-28 19:15 -------- d-----w- c:\program files (x86)\PDFCreator 2012-07-28 18:19 . 2012-07-28 18:19 -------- d-----w- c:\program files (x86)\Perion 2012-07-19 13:26 . 2012-07-22 11:24 -------- d-----w- c:\users\Lammert\AppData\Roaming\FreeCommander 2012-07-19 13:26 . 2012-07-19 13:26 -------- d-----w- c:\program files (x86)\FreeCommander . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-06 08:21 . 2012-03-31 06:45 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-06 08:21 . 2011-05-17 17:26 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 07:36 . 2010-03-02 19:50 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-05 09:27 . 2012-07-05 09:28 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ------w- c:\windows\SysWow64\msxml4.dll 2012-06-12 03:08 . 2012-07-11 07:44 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-06-09 05:43 . 2012-07-11 05:24 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-11 05:24 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-11 05:24 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-11 05:24 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-11 05:24 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-11 05:24 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-11 05:24 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-07-01 10:18 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-07-01 10:18 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-07-01 10:18 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-07-01 10:18 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-07-01 10:18 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-07-01 10:18 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-07-01 10:18 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-07-01 10:18 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-07-01 10:18 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 12:49 . 2012-07-11 07:34 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-06-02 12:17 . 2012-07-11 07:34 10924032 ----a-w- c:\windows\system32\ieframe.dll 2012-06-02 12:12 . 2012-07-11 07:34 2311680 ----a-w- c:\windows\system32\jscript9.dll 2012-06-02 12:05 . 2012-07-11 07:34 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-06-02 12:05 . 2012-07-11 07:34 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-06-02 12:04 . 2012-07-11 07:34 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-06-02 12:04 . 2012-07-11 07:34 237056 ----a-w- c:\windows\system32\url.dll 2012-06-02 12:03 . 2012-07-11 07:34 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-06-02 12:01 . 2012-07-11 07:34 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-06-02 12:00 . 2012-07-11 07:34 818688 ----a-w- c:\windows\system32\jscript.dll 2012-06-02 11:59 . 2012-07-11 07:34 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-06-02 11:57 . 2012-07-11 07:34 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-06-02 11:57 . 2012-07-11 07:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-06-02 11:54 . 2012-07-11 07:34 248320 ----a-w- c:\windows\system32\ieui.dll 2012-06-02 08:33 . 2012-07-11 07:34 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-06-02 08:25 . 2012-07-11 07:34 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-06-02 08:25 . 2012-07-11 07:34 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-06-02 08:20 . 2012-07-11 07:34 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-06-02 08:16 . 2012-07-11 07:34 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-06-02 05:50 . 2012-07-11 05:24 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-11 05:24 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48 . 2012-07-11 05:24 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:45 . 2012-07-11 05:24 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-11 05:24 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-11 05:24 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-11 05:24 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-11 05:24 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-11 05:24 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-21 68856] "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720] "NokiaPCInternetAccess"="c:\program files (x86)\Nokia\PC Internet Access\NPCIA.exe" [2009-09-17 663552] "Spotify Web Helper"="c:\users\Lammert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-31 932528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-19 136544] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] . c:\users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer9"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 135664] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-06 250056] R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264] R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-31 236544] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 tridhid;tridhid - USB 2.0 HID Driver;c:\windows\system32\drivers\tridhid6010.sys [2008-11-09 20992] R3 TridVid6010;Trident Analog plus Digital Video Device;c:\windows\system32\Drivers\TridVid6010.sys [2008-11-10 831744] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1255736] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-19 29416] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-04-05 96768] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-04-05 8704] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-04 687400] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-26 233984] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 08:21] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 12:24] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-05 12:24] . 2012-08-10 c:\windows\Tasks\HPCeeScheduleForLammert.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-24 408600] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-09 171520] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-24 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-24 390168] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-26 2184520] . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421 IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\sle170ep.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112060&tt=3212_5&babsrc=KW_ss&mntrId=046f2ddc000000000000c417fe34f4b7&q= FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112060&tt=3212_5 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q= FF - user.js: extensions.BabylonToolbar.id - 046f2ddc000000000000c417fe34f4b7 FF - user.js: extensions.BabylonToolbar.instlDay - 15560 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.4.6 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.4.6 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.4.617:24 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false . . ------- Bestandsassociaties ------- . JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %* . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Wow6432Node-HKCU-Run-BrowserChoice - c:\windows\System32\browserchoice.exe WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{B80F591E-FE9A-46CF-A13E-180377240586} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-Nokia PC Internet Access - c:\programdata\Installations\{9652B1F8-F795-46D5-A23F-9C3C41647E51}\INSTALLER.EXE AddRemove-{A8EC0CC0-AD8D-4244-B080-424EDF7A7634} - c:\programdata\{4A818508-3355-4FBC-B302-D53B599DD9D5}\Traktor 2 Setup PC.exe AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe AddRemove-Spotify - c:\users\Lammert\AppData\Roaming\Spotify\Spotify.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\xampp\mysql\bin\mysqld.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe . ************************************************************************** . Voltooingstijd: 2012-08-13 18:03:55 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-13 16:03 ComboFix2.txt 2012-08-02 06:35 . Pre-Run: 136.427.474.944 bytes beschikbaar Post-Run: 136.107.610.112 bytes beschikbaar . - - End Of File - - A67E5AEE26168757EC625DD5DF413E5D
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.