Lodewijk16
Member
Items: 18
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
Done. Starting Outlook still takes about 1.5 minutes. Can this be considered resolved? Many thanks in advance for the help provided!!!
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
I obtained "Windows 7" and "Office Professional Plus 2010" completely legally!
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
When I click Download CCleaner, the browser goes to CCleaner - Slim and then to http://www.piriform.com/ccleaner/download/slim/downloadfile, which then turns into a completely white page. I was still able to download CCleaner via the piriform homepage. Outlook needs about 2 minutes to start. What can be done about this?
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
Dear Kape, After scanning with SUPERAntiSpyware (found on a site that was also about the Google Redirect Virus) and Emsisoft Emergency Kit, this persistent virus has apparently disappeared. Google works normally again in IE9 and in Firefox. However, I now notice that Outlook 2010 starts agonizingly slowly. What could be the cause of that? Was something removed after all that Outlook needs at startup? Thanks for all the help. For the time being I am not closing this discussion yet.
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
Emsisoft Emergency Kit - Versie 3.0
Laatste Update: 23-12-2012 08:36:24

Scaninstellingen:

Scantype: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\, D:\, F:\
Detecteer riskware: Uit
Scan archieven: Aan
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit

Scan gestart: 23-12-2012 08:37:08

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games Ontdekt: Trace.File.Bejeweled 2 Deluxe 1.0 (A)
D:\Downloads\WinKeyFinder173.exe Ontdekt: Trojan.Win32.KeyFind.A (A)
F:\Backup Medion HDD500_1\Backup Medion XP 20080524\Mijn documenten Medion XP 20080524\Mijn documenten oud\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Ontdekt: Adware.Win32.BetterInternet.AMN (A)
F:\Backup Medion HDD500_1\Backup Medion XP 20080524\Mijn documenten Medion XP 20080524\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Ontdekt: Adware.Win32.BetterInternet.AMN (A)
F:\Backup TargaDataBox 20090721\Backup Medion 2 20080427\Backup Mijn documenten 20080427\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Ontdekt: Adware.Win32.BetterInternet.AMN (A)
F:\Backup TargaDataBox 20090721\Backup Medion2 20060923\Mijn documenten 20060923\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Ontdekt: Adware.Win32.BetterInternet.AMN (A)

Gescand 1602264
Gevonden 6

Scan geëindigd: 23-12-2012 23:19:15
Scantijd: 14:42:07

F:\Backup Medion HDD500_1\Backup Medion XP 20080524\Mijn documenten Medion XP 20080524\Mijn documenten oud\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Verwijderd Adware.Win32.BetterInternet.AMN (A)
F:\Backup Medion HDD500_1\Backup Medion XP 20080524\Mijn documenten Medion XP 20080524\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Verwijderd Adware.Win32.BetterInternet.AMN (A)
F:\Backup TargaDataBox 20090721\Backup Medion 2 20080427\Backup Mijn documenten 20080427\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Verwijderd Adware.Win32.BetterInternet.AMN (A)
F:\Backup TargaDataBox 20090721\Backup Medion2 20060923\Mijn documenten 20060923\My Deliveries\kdx\TeenageLawnmowerDemoInstaller.exe Verwijderd Adware.Win32.BetterInternet.AMN (A)
D:\Downloads\WinKeyFinder173.exe Verwijderd Trojan.Win32.KeyFind.A (A)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games Verwijderd Trace.File.Bejeweled 2 Deluxe 1.0 (A)

Verwijderd 6
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
I have reset IE9 to its default settings. The problem is not resolved. The Google search results redirect to: http://directagain.net/in.php?source=3547&q=floralux&suid=700029951-9080001&rnd=c2m5V6wO8vf7wthO0yyGHw%3D%3D Are there any other options, apart from reinstalling Windows?
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
Can I forward this by e-mail or something? The files are named: hosts, hosts.datum.backup, hosts.bak, HOSTS.MVP, Imhosts.sam, networks, protocol and services.
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
Now I was redirected to: "http://www.ads4adult.com/my_traffic.php?track=reach_BE" and "http://directagain.net/i.php?a=2&b=231876"
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
Unfortunately the problem is not solved yet. In IE9, in Google I am redirected via http://search-faster.com/vcpv.php to: news.findpin.org and Find what you need!= and http://worddictionary.com.au/?utm_so...n=CampaignName
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
- - - Updated - - -
Problem not solved yet. In IE9, in Google I am redirected to: http://worddictionary.com.au/?utm_source=aip&utm_medium=optional&utm_term=optional&utm_content=optional&utm_campaign=CampaignName
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Combating malware & viruses
2012-12-20 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55] . 2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-21 c:\windows\Tasks\USNLZSJ.job - c:\windows\system32\C_1149W.dll [2012-12-10 08:28] . . ------- Bijkomende Scan ------- . uStart Page = about:blank mSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 Trusted Zone: dexia.be Trusted Zone: dexia.be\directnet Trusted Zone: exact.nl Trusted Zone: exactonline.be Trusted Zone: exactonline.be\start Trusted Zone: fortuneo.be\www TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877 FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; 
c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack . - - - - ORPHANS VERWIJDERD - - - - . HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "DisplayName"="Microsoft ActiveSync" "Name"="ActiveSync" "Order"=dword:00000001 "Param1"="ActiveSync" "State"=dword:00000013 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Order"=dword:00000004 "State"=dword:00000003 "Type"="IESettings" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Order"=dword:00000003 "State"=dword:00000003 "Type"="MediaFiles" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Order"=dword:00000002 "Param1"="NPW" "State"=dword:00000003 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "DisplayName"="Microsoft Outlook" "Name"="Outlook" "Order"=dword:00000000 "Param1"="Outlook" "State"=dword:00000020 "Type"="wellknown" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-21 11:31:08 ComboFix-quarantined-files.txt 2012-12-21 10:31 ComboFix2.txt 2012-12-21 00:10 ComboFix3.txt 2012-12-19 20:47 . Pre-Run: 85 380 571 136 bytes beschikbaar Post-Run: 85 327 106 048 bytes beschikbaar . 
- - End Of File - - D7803692BBDA61DEDE1CE46C00286CA2 - - - Updated - - - ComboFix 12-12-20.02 - Ludo 21-12-2012 11:11:37.3.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3070.1856 [GMT 1:00] Gestart vanuit: c:\users\Ludo\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Ludo\Desktop\CFScript AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))) . . 2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\Lieve\AppData\Local\temp 2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp 2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-21 07:46 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-21 07:46 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-21 00:04 . 2012-12-21 10:26 -------- d-----w- c:\users\Ludo\AppData\Local\temp 2012-12-20 21:35 . 2012-12-20 21:35 -------- d-----w- c:\program files\Leadtek 2012-12-20 21:25 . 2012-12-20 21:25 -------- d-----w- c:\programdata\PDF Architect 2012-12-20 13:24 . 2012-12-20 13:24 -------- d-----w- c:\program files\iPod 2012-12-20 13:24 . 2012-12-20 13:25 -------- d-----w- c:\program files\iTunes 2012-12-20 13:20 . 
2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2012-12-20 13:19 . 2012-12-20 13:20 -------- d-----w- c:\program files\QuickTime 2012-12-20 13:17 . 2012-12-20 13:17 -------- d-----w- c:\program files\Bonjour 2012-12-17 19:08 . 2012-12-17 19:08 388096 ----a-r- c:\users\Ludo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-12-17 09:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX 2012-12-17 09:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2012-12-17 09:17 . 2012-12-17 09:18 -------- d-----w- c:\program files\PDFCreator 2012-12-14 18:01 . 2012-12-14 18:01 -------- d-----w- c:\programdata\Ad-Aware Antivirus 2012-12-14 17:58 . 2012-12-14 17:58 -------- d-----w- c:\programdata\Lavasoft 2012-12-14 17:58 . 2012-12-20 21:03 -------- d-----w- c:\program files\Ad-Aware Antivirus 2012-12-14 17:57 . 2012-12-14 17:57 44424 ----a-w- c:\windows\system32\sbbd.exe 2012-12-14 17:57 . 2012-12-14 17:57 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\adawaretb 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\Toolbar Cleaner 2012-12-14 17:56 . 
2012-12-15 21:34 -------- d-----w- c:\users\Ludo\AppData\Roaming\Ad-Aware Antivirus 2012-12-13 01:12 . 2012-12-13 01:13 -------- d-----w- c:\users\Ludo\AppData\Roaming\PDF Architect 2012-12-12 11:43 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-12-10 23:39 . 2012-12-10 23:39 -------- d-----w- c:\users\Ludo\AppData\Roaming\APP_NAME_NON_STRING 2012-12-10 23:38 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll 2012-12-10 08:28 . 2012-12-10 08:28 122880 --sha-r- c:\windows\system32\C_1149W.dll 2012-12-07 08:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A799F2D-49BD-408D-B9FD-B7922F014CC0}\mpengine.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-15 21:38 . 2012-07-17 23:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-15 21:38 . 2012-07-17 23:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-10-16 07:39 . 2012-11-28 00:48 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-10 20:15 . 2012-10-10 20:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:15 . 2012-10-10 20:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:14 . 2012-10-10 20:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-10-10 20:14 . 2009-07-13 22:09 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-10-10 20:14 . 2012-10-10 20:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:14 . 2009-07-14 23:54 2428776 ----a-w- c:\windows\system32\nvapi.dll 2012-10-10 20:14 . 2012-10-10 20:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:14 . 2012-10-10 20:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:14 . 
2012-10-10 20:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll 2012-10-10 20:14 . 2011-08-13 22:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-10-10 20:14 . 2012-10-10 20:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:14 . 2012-10-10 20:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll 2012-10-09 17:40 . 2012-11-14 12:21 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-14 12:21 193536 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-03 16:58 . 2012-11-14 12:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-10-03 16:42 . 2012-11-14 12:21 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-10-03 16:42 . 2012-11-14 12:21 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-10-03 16:42 . 2012-11-14 12:21 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-10-03 16:42 . 2012-11-14 12:21 18944 ----a-w- c:\windows\system32\netevent.dll 2012-10-03 16:42 . 2012-11-14 12:21 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-10-03 16:40 . 2012-11-14 12:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-10-03 15:21 . 2012-11-14 12:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-10-02 19:29 . 2010-10-16 11:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:29 . 2011-08-12 08:58 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:29 . 2010-10-16 11:42 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:29 . 2009-07-14 11:29 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:29 . 2010-10-16 11:42 2853224 ----a-w- c:\windows\system32\nvsvc.dll 2012-10-02 19:28 . 2010-10-16 11:42 3965288 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe 2012-09-25 22:47 . 2012-11-14 12:21 78336 ----a-w- c:\windows\system32\synceng.dll 2012-09-24 21:16 . 2012-10-25 06:31 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 1999-06-25 07:55 . 
2008-05-09 14:22 149504 ----a-w- c:\program files\UNWISE.EXE 2012-11-29 08:26 . 2012-12-05 22:52 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-03 161336] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-09-14 215360] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544] . 
c:\users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk] backup=c:\windows\pss\PDFCreator.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Ludo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] 2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] 2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON] 2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] 2011-05-13 14:27 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-10-08 22:19 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport] 2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2012-10-02 19:29 108392 ----a-w- c:\windows\System32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc] 2012-10-02 19:29 2853224 ----a-w- c:\windows\System32\nvsvc.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4] 2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-11-14 14:50 4706304 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-09 13:54 16896 ----a-w- c:\program files\GoogleEULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] 2007-10-19 16:42 155648 ----a-w- c:\program files\HomeCinema\TV Enhance\TVEService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter] 2010-11-20 12:20 859648 ----a-w- c:\windows\System32\OobeFldr.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe] 2006-09-20 07:35 20480 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe . R2 gupdate1c9f90f25e0dfb8;Google Updateservice (gupdate1c9f90f25e0dfb8);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [x] R2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [x] R2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [x] R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [x] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x] R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [x] R3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x] R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\DRIVERS\OXSDIDRV_x32.sys [x] R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X32.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x] R4 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R4 MpKsl03370312;MpKsl03370312;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl03370312.sys [x] R4 MpKsl035317aa;MpKsl035317aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D4B61E3-255E-4C75-AC01-B88E4320087E}\MpKsl035317aa.sys [x] R4 MpKsl0b7e66dc;MpKsl0b7e66dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27996703-9CDD-4146-B5F9-9DA9E80A824C}\MpKsl0b7e66dc.sys [x] R4 MpKsl1b904031;MpKsl1b904031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl1b904031.sys [x] R4 MpKsl2d35253d;MpKsl2d35253d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A3AB075-532A-4AB9-BA58-BDB9C9535599}\MpKsl2d35253d.sys [x] R4 MpKsl52d2512a;MpKsl52d2512a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl52d2512a.sys [x] R4 MpKsl75a794c6;MpKsl75a794c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94810CF2-A2C3-40AA-9318-2A6BD12F9F80}\MpKsl75a794c6.sys [x] R4 MpKsl75b08b33;MpKsl75b08b33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl75b08b33.sys [x] R4 
MpKsl8cf43cdb;MpKsl8cf43cdb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F5A7877-AF4D-4AD7-808A-8C9581650AEC}\MpKsl8cf43cdb.sys [x] R4 MpKslc93cedb2;MpKslc93cedb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKslc93cedb2.sys [x] R4 MpKsle580181c;MpKsle580181c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B3F112D-17D8-4E3E-BCE5-9B1A6F11ADCE}\MpKsle580181c.sys [x] R4 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R4 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R4 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R4 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [x] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x] S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x] S2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [x] S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - mfeavfk01 *Deregistered* - pavboot . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] GPSvcGroup REG_MULTI_SZ GPSvc . Inhoud van de 'Gedeelde Taken' map . 
2012-12-20 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55] . 2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-21 c:\windows\Tasks\USNLZSJ.job - c:\windows\system32\C_1149W.dll [2012-12-10 08:28] . . ------- Bijkomende Scan ------- . uStart Page = about:blank mSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 Trusted Zone: dexia.be Trusted Zone: dexia.be\directnet Trusted Zone: exact.nl Trusted Zone: exactonline.be Trusted Zone: exactonline.be\start Trusted Zone: fortuneo.be\www TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877 FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; 
c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack . - - - - ORPHANS VERWIJDERD - - - - . HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "DisplayName"="Microsoft ActiveSync" "Name"="ActiveSync" "Order"=dword:00000001 "Param1"="ActiveSync" "State"=dword:00000013 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Order"=dword:00000004 "State"=dword:00000003 "Type"="IESettings" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Order"=dword:00000003 "State"=dword:00000003 "Type"="MediaFiles" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Order"=dword:00000002 "Param1"="NPW" "State"=dword:00000003 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "DisplayName"="Microsoft Outlook" "Name"="Outlook" "Order"=dword:00000000 "Param1"="Outlook" "State"=dword:00000020 "Type"="wellknown" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-21 11:31:08 ComboFix-quarantined-files.txt 2012-12-21 10:31 ComboFix2.txt 2012-12-21 00:10 ComboFix3.txt 2012-12-19 20:47 . Pre-Run: 85 380 571 136 bytes beschikbaar Post-Run: 85 327 106 048 bytes beschikbaar . - - End Of File - - D7803692BBDA61DEDE1CE46C00286CA2
- - - Updated - - -
Oops, I had not yet seen your new message! Since I ran ComboFix yesterday without disabling my virus scanner, I have run it again. Sorry! I will now run ADWCleaner as you indicated. Thanks for the help so far. See you later. -
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Fighting malware & viruses
ComboFix 12-12-20.02 - Ludo 20-12-2012 23:09:53.2.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3070.1820 [GMT 1:00] Gestart vanuit: c:\users\Ludo\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Ludo\Desktop\CFScript AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys c:\programdata\blekko toolbars c:\programdata\blekko toolbars\toolbar.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))) . . 2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\Ludo\AppData\Local\temp 2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-12-21 00:04 . 
2012-12-21 00:04 -------- d-----w- c:\users\Lieve\AppData\Local\temp 2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp 2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-20 21:35 . 2012-12-20 21:35 -------- d-----w- c:\program files\Leadtek 2012-12-20 21:25 . 2012-12-20 21:25 -------- d-----w- c:\programdata\PDF Architect 2012-12-20 13:24 . 2012-12-20 13:24 -------- d-----w- c:\program files\iPod 2012-12-20 13:24 . 2012-12-20 13:25 -------- d-----w- c:\program files\iTunes 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2012-12-20 13:19 . 2012-12-20 13:20 -------- d-----w- c:\program files\QuickTime 2012-12-20 13:17 . 2012-12-20 13:17 -------- d-----w- c:\program files\Bonjour 2012-12-17 19:08 . 2012-12-17 19:08 388096 ----a-r- c:\users\Ludo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-12-17 09:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX 2012-12-17 09:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2012-12-17 09:17 . 2012-12-17 09:18 -------- d-----w- c:\program files\PDFCreator 2012-12-14 18:01 . 
2012-12-14 18:01 -------- d-----w- c:\programdata\Ad-Aware Antivirus 2012-12-14 17:58 . 2012-12-14 17:58 -------- d-----w- c:\programdata\Lavasoft 2012-12-14 17:58 . 2012-12-20 21:03 -------- d-----w- c:\program files\Ad-Aware Antivirus 2012-12-14 17:57 . 2012-12-14 17:57 44424 ----a-w- c:\windows\system32\sbbd.exe 2012-12-14 17:57 . 2012-12-14 17:57 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\adawaretb 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\Toolbar Cleaner 2012-12-14 17:56 . 2012-12-15 21:34 -------- d-----w- c:\users\Ludo\AppData\Roaming\Ad-Aware Antivirus 2012-12-13 01:12 . 2012-12-13 01:13 -------- d-----w- c:\users\Ludo\AppData\Roaming\PDF Architect 2012-12-12 11:43 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-12-10 23:39 . 2012-12-10 23:39 -------- d-----w- c:\users\Ludo\AppData\Roaming\APP_NAME_NON_STRING 2012-12-10 23:38 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll 2012-12-10 08:28 . 2012-12-10 08:28 122880 --sha-r- c:\windows\system32\C_1149W.dll 2012-12-07 08:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A799F2D-49BD-408D-B9FD-B7922F014CC0}\mpengine.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-15 21:38 . 2012-07-17 23:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-15 21:38 . 2012-07-17 23:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts 2012-10-16 07:39 . 2012-11-28 00:48 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-10 20:15 . 2012-10-10 20:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:15 . 
2012-10-10 20:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:14 . 2012-10-10 20:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-10-10 20:14 . 2009-07-13 22:09 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-10-10 20:14 . 2012-10-10 20:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:14 . 2009-07-14 23:54 2428776 ----a-w- c:\windows\system32\nvapi.dll 2012-10-10 20:14 . 2012-10-10 20:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:14 . 2012-10-10 20:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:14 . 2012-10-10 20:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll 2012-10-10 20:14 . 2011-08-13 22:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-10-10 20:14 . 2012-10-10 20:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:14 . 2012-10-10 20:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll 2012-10-09 17:40 . 2012-11-14 12:21 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-14 12:21 193536 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-03 16:58 . 2012-11-14 12:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-10-03 16:42 . 2012-11-14 12:21 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-10-03 16:42 . 2012-11-14 12:21 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-10-03 16:42 . 2012-11-14 12:21 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-10-03 16:42 . 2012-11-14 12:21 18944 ----a-w- c:\windows\system32\netevent.dll 2012-10-03 16:42 . 2012-11-14 12:21 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-10-03 16:40 . 2012-11-14 12:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-10-03 15:21 . 2012-11-14 12:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-10-02 19:29 . 2010-10-16 11:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:29 . 2011-08-12 08:58 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:29 . 
2010-10-16 11:42 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:29 . 2009-07-14 11:29 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:29 . 2010-10-16 11:42 2853224 ----a-w- c:\windows\system32\nvsvc.dll 2012-10-02 19:28 . 2010-10-16 11:42 3965288 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe 2012-09-25 22:47 . 2012-11-14 12:21 78336 ----a-w- c:\windows\system32\synceng.dll 2012-09-24 21:16 . 2012-10-25 06:31 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 1999-06-25 07:55 . 2008-05-09 14:22 149504 ----a-w- c:\program files\UNWISE.EXE 2012-12-05 22:52 . 2012-12-05 22:52 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-03 161336] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-09-14 215360] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544] . c:\users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . 
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk] backup=c:\windows\pss\PDFCreator.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Ludo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] 2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] 2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON] 2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] 2011-05-13 14:27 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-10-08 22:19 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport] 2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2012-10-02 19:29 108392 ----a-w- c:\windows\System32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc] 2012-10-02 19:29 2853224 ----a-w- c:\windows\System32\nvsvc.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4] 2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-11-14 14:50 4706304 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-09 13:54 16896 ----a-w- c:\program files\GoogleEULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] 2007-10-19 16:42 155648 ----a-w- c:\program files\HomeCinema\TV Enhance\TVEService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter] 2010-11-20 12:20 859648 ----a-w- c:\windows\System32\OobeFldr.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe] 2006-09-20 07:35 20480 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe . R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x] R1 MpKsl03370312;MpKsl03370312;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl03370312.sys [x] R1 MpKsl035317aa;MpKsl035317aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D4B61E3-255E-4C75-AC01-B88E4320087E}\MpKsl035317aa.sys [x] R1 MpKsl0b7e66dc;MpKsl0b7e66dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27996703-9CDD-4146-B5F9-9DA9E80A824C}\MpKsl0b7e66dc.sys [x] R1 MpKsl1b904031;MpKsl1b904031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl1b904031.sys [x] R1 MpKsl2d35253d;MpKsl2d35253d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A3AB075-532A-4AB9-BA58-BDB9C9535599}\MpKsl2d35253d.sys [x] R1 MpKsl52d2512a;MpKsl52d2512a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl52d2512a.sys [x] R1 MpKsl75a794c6;MpKsl75a794c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94810CF2-A2C3-40AA-9318-2A6BD12F9F80}\MpKsl75a794c6.sys [x] R1 MpKsl75b08b33;MpKsl75b08b33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl75b08b33.sys [x] R1 MpKsl8cf43cdb;MpKsl8cf43cdb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F5A7877-AF4D-4AD7-808A-8C9581650AEC}\MpKsl8cf43cdb.sys [x] R1 MpKslc93cedb2;MpKslc93cedb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition 
Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKslc93cedb2.sys [x] R1 MpKsle580181c;MpKsle580181c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B3F112D-17D8-4E3E-BCE5-9B1A6F11ADCE}\MpKsle580181c.sys [x] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R2 gupdate1c9f90f25e0dfb8;Google Updateservice (gupdate1c9f90f25e0dfb8);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [x] R2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [x] R2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [x] R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [x] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x] R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [x] R3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x] R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\DRIVERS\OXSDIDRV_x32.sys [x] R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X32.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [x] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x] S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [x] S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x] S2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [x] S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x] . . --- Andere Services/Drivers In Geheugen --- . 
*NewlyCreated* - FSUSBEXDISK *Deregistered* - mfeavfk01 *Deregistered* - pavboot . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] GPSvcGroup REG_MULTI_SZ GPSvc . Inhoud van de 'Gedeelde Taken' map . 2012-12-20 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55] . 2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-21 c:\windows\Tasks\USNLZSJ.job - c:\windows\system32\C_1149W.dll [2012-12-10 08:28] . . ------- Bijkomende Scan ------- . 
uStart Page = about:blank mSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Inhoud van geselecteerde koppelingen toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML IE: Koppelingsinhoud toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML IE: Openen in PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm IE: Openen met Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_dut.dll /100 IE: PDF-bestand maken - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML IE: PDF-bestand maken van koppelingsinhoud - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML IE: PDF-bestanden maken van geselecteerde koppelingen - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML IE: Toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML Trusted Zone: dexia.be Trusted Zone: dexia.be\directnet Trusted Zone: exact.nl Trusted Zone: exactonline.be Trusted Zone: exactonline.be\start Trusted Zone: fortuneo.be\www TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877 FF - prefs.js: keyword.URL - 
hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack . - - - - ORPHANS VERWIJDERD - - - - . HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "DisplayName"="Microsoft ActiveSync" "Name"="ActiveSync" "Order"=dword:00000001 "Param1"="ActiveSync" "State"=dword:00000013 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Order"=dword:00000004 "State"=dword:00000003 "Type"="IESettings" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Order"=dword:00000003 "State"=dword:00000003 "Type"="MediaFiles" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Order"=dword:00000002 "Param1"="NPW" "State"=dword:00000003 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "DisplayName"="Microsoft Outlook" "Name"="Outlook" "Order"=dword:00000000 "Param1"="Outlook" "State"=dword:00000020 "Type"="wellknown" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-12-21 01:10:39 ComboFix-quarantined-files.txt 2012-12-21 00:10 ComboFix2.txt 2012-12-19 20:47 . Pre-Run: 84 641 366 016 bytes beschikbaar Post-Run: 84 702 863 360 bytes beschikbaar . - - End Of File - - DE4EBCF9C327227E2FDE4AF5227AE229 -
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Fighting malware & viruses
On restart I was asked to reinstall Smart File Advisor. Is that allowed? -
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Fighting malware & viruses
ComboFix 12-12-19.02 - Ludo 19-12-2012 21:22:20.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3070.1605 [GMT 1:00] Gestart vanuit: c:\users\Ludo\Desktop\ComboFix.exe AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Downloaded Installers c:\program files\Downloaded Installers\{ecbff841-a2af-4c89-88fd-d3576330775f}\setup.msi c:\program files\INSTALL.LOG c:\program files\WinPCap c:\programdata\ntuser.dat C:\UNWISE.EXE c:\users\Ludo\AppData\Roaming\.# c:\users\Ludo\AppData\Roaming\.#\MBX@A548@1CB28F8.### c:\users\Ludo\AppData\Roaming\.#\MBX@A548@1CB2928.### c:\users\Ludo\AppData\Roaming\.#\MBX@A548@1CB2958.### c:\windows\iun6002.exe c:\windows\system32\winspool.dll c:\windows\wininit.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))) . . 2012-12-19 20:37 . 2012-12-19 20:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-12-19 20:37 . 2012-12-19 20:37 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp 2012-12-19 20:37 . 2012-12-19 20:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-17 19:08 . 2012-12-17 19:08 388096 ----a-r- c:\users\Ludo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-12-17 09:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX 2012-12-17 09:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL 2012-12-17 09:17 . 2012-12-17 09:18 -------- d-----w- c:\program files\PDFCreator 2012-12-14 18:01 . 
2012-12-14 18:01 -------- d-----w- c:\programdata\Ad-Aware Antivirus 2012-12-14 17:58 . 2012-12-14 17:58 -------- d-----w- c:\programdata\Lavasoft 2012-12-14 17:58 . 2012-12-14 18:01 -------- d-----w- c:\program files\Ad-Aware Antivirus 2012-12-14 17:57 . 2012-12-14 17:57 44424 ----a-w- c:\windows\system32\sbbd.exe 2012-12-14 17:57 . 2012-12-14 17:57 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\programdata\blekko toolbars 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\users\Ludo\AppData\Local\adawarebp 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\adawaretb 2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\Toolbar Cleaner 2012-12-14 17:56 . 2012-12-15 21:34 -------- d-----w- c:\users\Ludo\AppData\Roaming\Ad-Aware Antivirus 2012-12-13 18:50 . 2012-12-13 18:50 -------- d-----w- c:\program files\CCleaner 2012-12-13 01:12 . 2012-12-13 01:13 -------- d-----w- c:\users\Ludo\AppData\Roaming\PDF Architect 2012-12-12 11:43 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-12-10 23:39 . 2012-12-10 23:39 -------- d-----w- c:\users\Ludo\AppData\Roaming\APP_NAME_NON_STRING 2012-12-10 23:38 . 2012-12-10 23:39 -------- d-----w- c:\program files\PDF Architect 2012-12-10 23:38 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll 2012-12-10 08:28 . 2012-12-10 08:28 122880 --sha-r- c:\windows\system32\C_1149W.dll 2012-12-03 06:04 . 2012-12-03 06:04 -------- d-----w- c:\program files\iPod 2012-12-03 06:04 . 2012-12-03 06:05 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2012-12-03 06:04 . 2012-12-03 06:05 -------- d-----w- c:\program files\iTunes . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-15 21:38 . 
2012-07-17 23:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-15 21:38 . 2012-07-17 23:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-11-08 18:00 . 2012-12-07 08:03 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A799F2D-49BD-408D-B9FD-B7922F014CC0}\mpengine.dll 2012-10-16 07:39 . 2012-11-28 00:48 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-10 20:15 . 2012-10-10 20:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-10 20:15 . 2012-10-10 20:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-10 20:14 . 2012-10-10 20:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-10-10 20:14 . 2009-07-13 22:09 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-10-10 20:14 . 2012-10-10 20:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-10 20:14 . 2009-07-14 23:54 2428776 ----a-w- c:\windows\system32\nvapi.dll 2012-10-10 20:14 . 2012-10-10 20:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-10 20:14 . 2012-10-10 20:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-10 20:14 . 2012-10-10 20:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll 2012-10-10 20:14 . 2011-08-13 22:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-10-10 20:14 . 2012-10-10 20:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-10 20:14 . 2012-10-10 20:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll 2012-10-09 17:40 . 2012-11-14 12:21 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-14 12:21 193536 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-03 16:58 . 2012-11-14 12:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-10-03 16:42 . 2012-11-14 12:21 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-10-03 16:42 . 2012-11-14 12:21 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-10-03 16:42 . 2012-11-14 12:21 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-10-03 16:42 . 
2012-11-14 12:21 18944 ----a-w- c:\windows\system32\netevent.dll 2012-10-03 16:42 . 2012-11-14 12:21 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-10-03 16:40 . 2012-11-14 12:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-10-03 15:21 . 2012-11-14 12:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-10-02 19:29 . 2010-10-16 11:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:29 . 2011-08-12 08:58 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-10-02 19:29 . 2010-10-16 11:42 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:29 . 2009-07-14 11:29 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:29 . 2010-10-16 11:42 2853224 ----a-w- c:\windows\system32\nvsvc.dll 2012-10-02 19:28 . 2010-10-16 11:42 3965288 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe 2012-09-29 18:54 . 2011-06-25 08:12 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-25 22:47 . 2012-11-14 12:21 78336 ----a-w- c:\windows\system32\synceng.dll 2012-09-24 21:16 . 2012-10-25 06:31 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 1999-06-25 07:55 . 2008-05-09 14:22 149504 ----a-w- c:\program files\UNWISE.EXE 2012-12-05 22:52 . 2012-12-05 22:52 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{237EB6DA-3FEA-4DD2-8A61-A901B5C489D7}] 2011-04-20 13:25 605888 ----a-w- c:\program files\GhosteryIEplugin\GhosteryBrowserHelperObject.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}] 2012-11-22 16:05 91784 ----a-w- c:\program files\PDF Architect\PDFIEHelper.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{25A3A431-30BB-47C8-AD6A-E1063801134F}"= "c:\program files\PDF Architect\PDFIEPlugin.dll" [2012-11-22 731784] . [HKEY_CLASSES_ROOT\clsid\{25a3a431-30bb-47c8-ad6a-e1063801134f}] [HKEY_CLASSES_ROOT\PDFArchitectIEPlugin.PDFIEConverter.1] [HKEY_CLASSES_ROOT\TypeLib\{78D9250B-1DEB-4469-9B35-591AB7D41CAA}] [HKEY_CLASSES_ROOT\PDFArchitectIEPlugin.PDFIEConverter] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\Ludo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\Ludo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\Ludo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "Spotify Web Helper"="c:\users\Ludo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-22 932528] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192] "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-03 161336] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-09-14 215360] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-11-28 151952] "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-11-16 542104] . c:\users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Ludo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984] OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service] @="Ad-Aware Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk] backup=c:\windows\pss\PDFCreator.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Ludo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] ????????????????????????e [?] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] ???????????????e [?] HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beidsystemtray . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] 2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] 2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON] 2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] 2011-05-13 14:27 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-10-08 22:19 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-11-28 23:49 151952 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport] 2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2012-10-02 19:29 108392 ----a-w- c:\windows\System32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc] 2012-10-02 19:29 2853224 ----a-w- c:\windows\System32\nvsvc.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4] 2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-11-14 14:50 4706304 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] 2007-02-09 13:54 16896 ----a-w- c:\program files\GoogleEULA\EULALauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] 2007-10-19 16:42 155648 ----a-w- c:\program files\HomeCinema\TV Enhance\TVEService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter] 2010-11-20 12:20 859648 ----a-w- c:\windows\System32\OobeFldr.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe] 2006-09-20 07:35 20480 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe . 
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x] R1 MpKsl03370312;MpKsl03370312;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl03370312.sys [x] R1 MpKsl035317aa;MpKsl035317aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D4B61E3-255E-4C75-AC01-B88E4320087E}\MpKsl035317aa.sys [x] R1 MpKsl0b7e66dc;MpKsl0b7e66dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27996703-9CDD-4146-B5F9-9DA9E80A824C}\MpKsl0b7e66dc.sys [x] R1 MpKsl1b904031;MpKsl1b904031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl1b904031.sys [x] R1 MpKsl2d35253d;MpKsl2d35253d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A3AB075-532A-4AB9-BA58-BDB9C9535599}\MpKsl2d35253d.sys [x] R1 MpKsl52d2512a;MpKsl52d2512a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl52d2512a.sys [x] R1 MpKsl75a794c6;MpKsl75a794c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94810CF2-A2C3-40AA-9318-2A6BD12F9F80}\MpKsl75a794c6.sys [x] R1 MpKsl75b08b33;MpKsl75b08b33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl75b08b33.sys [x] R1 MpKsl8cf43cdb;MpKsl8cf43cdb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F5A7877-AF4D-4AD7-808A-8C9581650AEC}\MpKsl8cf43cdb.sys [x] R1 MpKslc93cedb2;MpKslc93cedb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKslc93cedb2.sys [x] R1 MpKsle580181c;MpKsle580181c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B3F112D-17D8-4E3E-BCE5-9B1A6F11ADCE}\MpKsle580181c.sys [x] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R2 gupdate1c9f90f25e0dfb8;Google Updateservice (gupdate1c9f90f25e0dfb8);c:\program 
files\Google\Update\GoogleUpdate.exe [x] R2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [x] R2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [x] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x] R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x] R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\DRIVERS\OXSDIDRV_x32.sys [x] R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X32.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x] S0 mfewfpk;McAfee Inc. 
mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x] S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [x] S2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [x] S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [x] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x] S2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [x] S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [x] S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [x] S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [x] S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [x] S2 SBAMSvc;Ad-Aware;c:\program files\Ad-Aware Antivirus\SBAMSvc.exe [x] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x] S2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [x] S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL *Deregistered* - mfeavfk01 *Deregistered* - pavboot . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] GPSvcGroup REG_MULTI_SZ GPSvc . Inhoud van de 'Gedeelde Taken' map . 
2012-12-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55] . 2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12] . 2012-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job - c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52] . 2012-12-19 c:\windows\Tasks\USNLZSJ.job - c:\windows\system32\C_1149W.dll [2012-12-10 08:28] . . ------- Bijkomende Scan ------- . uStart Page = about:blank mSearch Bar = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Inhoud van geselecteerde koppelingen toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML IE: Koppelingsinhoud toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML IE: Openen in PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm IE: Openen met Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_dut.dll /100 IE: PDF-bestand maken - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML IE: PDF-bestand maken van koppelingsinhoud - c:\program files\Nuance\PDF 
Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML IE: PDF-bestanden maken van geselecteerde koppelingen - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML IE: Toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML IE: {{237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - c:\program files\GhosteryIEplugin\GhosteryBrowserHelperObject.dll Trusted Zone: dexia.be Trusted Zone: dexia.be\directnet Trusted Zone: exact.nl Trusted Zone: exactonline.be Trusted Zone: exactonline.be\start Trusted Zone: fortuneo.be\www TCP: DhcpNameServer = 192.168.2.254 FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877 FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack FF - ExtSQL: 2012-12-11 00:38; FFPDFArchitectConverter@pdfarchitect.com; c:\program files\PDF Architect\FFPDFArchitectExt FF - user.js: extensions.BabylonToolbar_i.id - ce50de3d000000000000001167000000 FF - user.js: extensions.BabylonToolbar_i.hardId - ce50de3d000000000000001167000000 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15309 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 
1.5.3.1723:45 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=107763 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_06\bin\jusched.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "DisplayName"="Microsoft ActiveSync" "Name"="ActiveSync" "Order"=dword:00000001 "Param1"="ActiveSync" "State"=dword:00000013 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Order"=dword:00000004 "State"=dword:00000003 "Type"="IESettings" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Order"=dword:00000003 "State"=dword:00000003 "Type"="MediaFiles" . 
[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Order"=dword:00000002 "Param1"="NPW" "State"=dword:00000003 "Type"="wellknown" . [HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "DisplayName"="Microsoft Outlook" "Name"="Outlook" "Order"=dword:00000000 "Param1"="Outlook" "State"=dword:00000020 "Type"="wellknown" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(1740) c:\users\Ludo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\program files\Stardock\Fences\FencesMenu.dll c:\program files\stardock\fences\DesktopDock.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\windows\system32\rundll32.exe c:\windows\system32\taskhost.exe c:\program files\Core Temp\Core Temp.exe c:\program files\Intel\IntelDH\CCU\AlertService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\program files\McAfee\Common Framework\FrameworkService.exe c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe c:\program files\McAfee\VirusScan Enterprise\mfeann.exe c:\windows\system32\conhost.exe c:\program files\McAfee\Common Framework\naPrdMgr.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\windows\System32\WUDFHost.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\windows\system32\DllHost.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . 
Voltooingstijd: 2012-12-19 21:47:58 - machine werd herstart ComboFix-quarantined-files.txt 2012-12-19 20:47 . Pre-Run: 81 787 064 320 bytes beschikbaar Post-Run: 81 789 259 776 bytes beschikbaar . - - End Of File - - 0CBBDA728BD22DC8FE392D6014D764CC

In Firefox the problem currently no longer occurs. In IE9 the problem is still present. Thank you for your further help.

- - - Updated - - -

In Firefox the problem is occurring again... -
Google problems
Lodewijk16 replied to Lodewijk16's topic in Archive: Fighting malware & viruses
I am also still being redirected to the following web pages:
English Dictionary - WordDictionary.co.uk
http://freesearchquick.com/search.php?q=floralux&sid=152876&sa=54&p=1&s=36164&qt=1355865069&q=floralux&rf=http%3A%2F%2Fwww.google.be
Google music.pinempire.com
http://avatraffic.com/check.php?t=49828b58eb64f0f8977c7d8a0b1a23f5&sid=349
http://www.****splayground.com/
This is no longer normal...