Nginx messages


Ah. Maybe this is it, in the ComboFix folder on the C drive. Here it is:

ComboFix 12-07-21.01 - Erik 23-07-2012 14:03:55.3.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4092.2748 [GMT 2:00]

Gestart vanuit: C:\Users\Erik\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml

C:\Program Files (x86)\Uninstall.exe

C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\searchplugins\SearchquWebSearch.xml

C:\Windows\iun6002.exe

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 ))))))))))))))))))))))))))))))

2012-07-23 12:13:24 . 2012-07-23 12:13:24 -------- d-----w- C:\Users\Public\AppData\Local\temp

2012-07-23 12:13:24 . 2012-07-23 12:13:24 -------- d-----w- C:\Users\Default\AppData\Local\temp

2012-07-23 12:13:24 . 2012-07-23 12:13:24 -------- d-----w- C:\Users\Administrator\AppData\Local\temp

2012-07-22 08:23:22 . 2012-07-22 08:23:22 388096 ----a-r- C:\Users\Erik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-07-22 08:23:22 . 2012-07-22 08:23:22 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-07-16 08:45:31 . 2012-07-16 08:45:31 -------- d-----w- C:\Program Files (x86)\Oracle

2012-07-14 08:30:24 . 2012-07-14 08:30:24 -------- d-----w- C:\Users\Erik\AppData\Local\AVG Secure Search

2012-07-14 08:29:51 . 2012-07-14 08:30:05 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-07-14 08:29:49 . 2012-07-16 08:22:24 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-07-14 08:29:49 . 2012-07-14 08:30:04 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-07-14 08:28:52 . 2012-07-14 08:28:52 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2012-07-14 08:28:15 . 2012-07-23 09:08:50 -------- d-----w- C:\Windows\system32\drivers\AVG

2012-07-14 08:09:01 . 2012-07-14 08:09:02 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2012-07-11 17:42:01 . 2012-06-12 03:02:52 3147264 ----a-w- C:\Windows\system32\win32k.sys

2012-07-11 06:46:58 . 2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\system32\msxml6.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-07-11 17:38:47 . 2010-02-15 09:11:00 59701280 ----a-w- C:\Windows\system32\MRT.exe

2012-07-05 20:06:30 . 2012-06-01 14:57:32 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-07-05 20:06:20 . 2010-04-30 06:48:26 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-07-03 11:46:44 . 2012-06-13 14:40:57 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys

2012-06-23 07:27:30 . 2012-06-23 07:27:45 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-06-02 22:19:46 . 2012-06-23 08:27:59 38424 ----a-w- C:\Windows\system32\wups.dll

2012-06-02 22:19:43 . 2012-06-23 08:28:20 2428952 ----a-w- C:\Windows\system32\wuaueng.dll

2012-06-02 22:19:42 . 2012-06-23 08:28:21 57880 ----a-w- C:\Windows\system32\wuauclt.exe

2012-06-02 22:19:42 . 2012-06-23 08:28:21 44056 ----a-w- C:\Windows\system32\wups2.dll

2012-06-02 22:19:23 . 2012-06-23 08:27:59 701976 ----a-w- C:\Windows\system32\wuapi.dll

2012-06-02 22:15:31 . 2012-06-23 08:28:20 2622464 ----a-w- C:\Windows\system32\wucltux.dll

2012-06-02 22:15:08 . 2012-06-23 08:27:59 99840 ----a-w- C:\Windows\system32\wudriver.dll

2012-06-02 13:19:42 . 2012-06-23 08:27:43 186752 ----a-w- C:\Windows\system32\wuwebv.dll

2012-06-02 13:15:12 . 2012-06-23 08:27:43 36864 ----a-w- C:\Windows\system32\wuapp.exe

2012-05-08 17:02:23 . 2012-06-08 14:59:48 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{39AAABF1-2C9B-49D1-A41B-9E05587D2894}\mpengine.dll

2012-05-04 10:52:22 . 2012-06-13 13:16:57 5505392 ----a-w- C:\Windows\system32\ntoskrnl.exe

2012-05-04 10:08:16 . 2012-06-13 13:16:55 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:08:15 . 2012-06-13 13:16:56 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-02 05:32:43 . 2012-06-13 13:16:50 208896 ----a-w- C:\Windows\system32\profsvc.dll

2012-04-28 03:50:40 . 2012-06-13 13:16:29 204800 ----a-w- C:\Windows\system32\drivers\rdpwd.sys

2012-04-26 05:34:38 . 2012-06-13 13:17:05 76288 ----a-w- C:\Windows\system32\rdpwsx.dll

2012-04-26 05:34:37 . 2012-06-13 13:17:05 149504 ----a-w- C:\Windows\system32\rdpcorekmts.dll

2012-04-26 05:28:32 . 2012-06-13 13:17:03 9216 ----a-w- C:\Windows\system32\rdrmemptylst.exe

2010-06-15 01:54:36 . 2010-06-15 01:54:36 153008 ----a-w- C:\Program Files (x86)\fraps64.dll

2010-06-15 01:54:34 . 2010-06-15 01:54:34 206768 ----a-w- C:\Program Files (x86)\fraps32.dll

2010-06-15 01:54:32 . 2010-06-15 01:54:32 74672 ----a-w- C:\Program Files (x86)\fraps64.dat

2010-06-15 01:54:22 . 2010-06-15 01:54:22 2320304 ----a-w- C:\Program Files (x86)\fraps.exe

2010-06-15 01:46:32 . 2010-06-15 01:46:32 163840 ----a-w- C:\Program Files (x86)\frapslcd.dll

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2012-04-11 20:08:22 87440 ----a-w- C:\Program Files (x86)\adawaretb\adawareDx.dll

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-07-14 08:29:49 2074208 ----a-w- C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "C:\Program Files (x86)\adawaretb\adawareDx.dll" [2012-04-11 20:08:22 87440]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-14 08:29:49 2074208]

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 12:25:58 2363392]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-07-14 01:39:41 1475072]

"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 14:26:44 1685048]

"RGSC"="C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 13:35:36 305064]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-17 09:48:58 39408]

"Steam"="C:\Program Files (x86)\Steam\steam.exe" [2011-08-02 08:34:14 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 21:17:16 98304]

"HPCam_Menu"="c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 21:16:16 222504]

"QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 12:19:48 323640]

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 16:10:28 35696]

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 11:00:00 60464]

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 13:50:04 54576]

"WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 11:47:08 500792]

"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 13:33:08 89456]

"Ad-Aware Browsing Protection"="C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 09:09:36 198032]

"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 10:29:26 1996200]

"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 03:12:34 2587008]

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" [2012-07-14 08:29:49 1107552]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 09:07:54 252296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

R0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2010-02-22 10:15:59 868848]

R1 SBRE;SBRE;C:\Windows\system32\drivers\SBREdrv.sys [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]

R2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55:54 135664]

R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-05-03 06:31:10 158856]

R3 dump_wmimmc;dump_wmimmc;C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]

R3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55:54 135664]

R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 03:39:22 140712]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368]

R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des [x]

R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864]

R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312]

R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864]

R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 14:38:12 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [2009-06-10 20:35:33 389120]

S0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 02:50:26 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 02:46:48 36944]

S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys [2012-02-22 03:25:32 289872]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 11:32:14 47696]

S1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys [2012-03-19 03:17:26 383808]

S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 00:07:22 59904]

S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 21:42:58 89600]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [2009-08-05 04:44:56 203264]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 15:25:54 5160568]

S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 02:53:38 193288]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 10:29:24 2369960]

S2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe [2009-07-08 12:49:02 30520]

S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-14 08:29:50 935008]

S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 11:31:58 124496]

S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 11:32:04 29776]

S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 12:21:32 227896]

S3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 18:17:00 70656]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 06:52:30 215040]

S3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys [2009-03-09 05:49:08 36408]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 00:07:28 17920]

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-08-20 12:24:06 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe

Inhoud van de 'Gedeelde Taken' map

2012-07-23 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:56:01 . 2010-08-17 09:55:54]

2012-07-23 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:56:01 . 2010-08-17 09:55:54]

2012-07-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001Core.job

- C:\Users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 13:52:52 . 2012-03-28 11:52:50]

2012-07-23 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001UA.job

- C:\Users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 13:52:52 . 2012-03-28 11:52:50]

2012-07-16 C:\Windows\Tasks\HPCeeScheduleForErik.job

- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22:28 . 2009-10-07 03:22:28]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2009-07-22 01:33:32 450048]

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 08:48:50 610872]

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-11-27 23:02:16 171520]

------- Bijkomende Scan -------

uStart Page = hxxp://www.lauwerscollege.nl/

uLocal Page = C:\Windows\system32\blank.htm

mLocal Page = C:\Windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

FF - ProfilePath - C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=AFBB9A88CC87736C2EF0A64FD4E5DFBC

FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-EasyBits Magic Desktop - C:\Windows\system32\ezMDUninstall.exe

AddRemove-Fraps - C:\Program Files (x86)\uninstall.exe

AddRemove-SAMSUNG CDMA Modem - C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

AddRemove-SAMSUNG Mobile USB Modem - C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

AddRemove-SAMSUNG Mobile USB Modem 1.0 - C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe


Have you set up AdAware as a virus scanner (alongside your other scanner, AVG)? Then the two could well be causing slowdowns by working against each other. It is best to install only one active scanner and remove the other.


Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

C:\Program Files (x86)\adawaretb

C:\ProgramData\Ad-Aware Browsing Protection

Registry::

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"=-

[-HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Ad-Aware Browsing Protection"=-

Firefox::

FF - ProfilePath - C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\

FF - prefs.js: browser.search.defaulturl -

Save this file on your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


Apparently ComboFix was still running. It has produced a log again, so my previous post is redundant. Here is the log:

ComboFix 12-07-21.01 - Erik 23-07-2012 18:57:21.4.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4092.2548 [GMT 2:00]

Gestart vanuit: c:\users\Erik\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Erik\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.


c:\program files (x86)\adawaretb\chrome\skin\lib\panels\images\widgets-square-24px.png

c:\program files (x86)\adawaretb\chrome\skin\lib\panels\popupWidgets.html

c:\program files (x86)\adawaretb\chrome\skin\lib\pop.png

c:\program files (x86)\adawaretb\chrome\skin\lib\radio.png

c:\program files (x86)\adawaretb\chrome\skin\lib\reload.png

c:\program files (x86)\adawaretb\chrome\skin\lib\remove.png

c:\program files (x86)\adawaretb\chrome\skin\lib\rename.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\resize-box.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\rss.png

c:\program files (x86)\adawaretb\chrome\skin\lib\rsschannelback.png

c:\program files (x86)\adawaretb\chrome\skin\lib\RSSLogo.png

c:\program files (x86)\adawaretb\chrome\skin\lib\rsstabdivider.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\scroll-left.png

c:\program files (x86)\adawaretb\chrome\skin\lib\scroll-right.png

c:\program files (x86)\adawaretb\chrome\skin\lib\search-go.png

c:\program files (x86)\adawaretb\chrome\skin\lib\search.png

c:\program files (x86)\adawaretb\chrome\skin\lib\text-ellipsis.xml

c:\program files (x86)\adawaretb\chrome\skin\lib\throbber.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\toolbarsplitter.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\transparent_1px.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_02.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_03.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_04.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_06.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_07.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_08.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_09.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_10.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_11.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_12.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_13.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_14.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_15.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_16.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_18.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_19.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_20.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\border_21.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\btn-close-grey.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\btn-close-greyover.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\close-hot.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\close-normal.png

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\loadingMid.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\paneltemplate.html

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\proxy.html

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\template.html

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\template.xml

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\templateFF.html

c:\program files (x86)\adawaretb\chrome\skin\lib\uwa\throbber.gif

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\cond999.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\icons.xml

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\na-s.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\na.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\icons\weather.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\add.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\box-check.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-check.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\options-weather.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\over-blue.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\over-orange.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\popupWeather.css

c:\program files (x86)\adawaretb\chrome\skin\lib\weatherbutton\panels\popupWeather.html

c:\program files (x86)\adawaretb\chrome\skin\lib\yahoo.png

c:\program files (x86)\adawaretb\chrome\skin\lichen.gif

c:\program files (x86)\adawaretb\chrome\skin\logo-about.png

c:\program files (x86)\adawaretb\chrome\skin\logo.png

c:\program files (x86)\adawaretb\chrome\skin\modify-save.png

c:\program files (x86)\adawaretb\chrome\skin\modify.png

c:\program files (x86)\adawaretb\chrome\skin\music.png

c:\program files (x86)\adawaretb\chrome\skin\news.png

c:\program files (x86)\adawaretb\chrome\skin\options\options-main.png

c:\program files (x86)\adawaretb\chrome\skin\options\options-search.png

c:\program files (x86)\adawaretb\chrome\skin\options\options-weather.png

c:\program files (x86)\adawaretb\chrome\skin\options\options-widgets.png

c:\program files (x86)\adawaretb\chrome\skin\orange.gif

c:\program files (x86)\adawaretb\chrome\skin\search-background.png

c:\program files (x86)\adawaretb\chrome\skin\shopping.png

c:\program files (x86)\adawaretb\chrome\skin\skin-bluelite.png

c:\program files (x86)\adawaretb\chrome\skin\skin-bluesky.png

c:\program files (x86)\adawaretb\chrome\skin\skin-grey.png

c:\program files (x86)\adawaretb\chrome\skin\skin-lichen.png

c:\program files (x86)\adawaretb\chrome\skin\skin-orange.png

c:\program files (x86)\adawaretb\chrome\skin\skin-yellow.png

c:\program files (x86)\adawaretb\chrome\skin\technorati.png

c:\program files (x86)\adawaretb\chrome\skin\throbber.gif

c:\program files (x86)\adawaretb\chrome\skin\toolbarsplitter.png

c:\program files (x86)\adawaretb\chrome\skin\web.png

c:\program files (x86)\adawaretb\chrome\skin\wikipedia.png

c:\program files (x86)\adawaretb\chrome\skin\yellow.gif

c:\program files (x86)\adawaretb\chrome\skin\youtube.png

c:\program files (x86)\adawaretb\components\windowmediator.js

c:\program files (x86)\adawaretb\dtUser.exe

c:\program files (x86)\adawaretb\ieUtils.exe

c:\program files (x86)\adawaretb\install.ico

c:\program files (x86)\adawaretb\manifest.xml

c:\program files (x86)\adawaretb\search.ico

c:\program files (x86)\adawaretb\uninstall.exe

c:\programdata\Ad-Aware Browsing Protection

c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll

c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll.nsm7F13.tmp

c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe

c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe.nsm7F13.tmp

c:\programdata\Ad-Aware Browsing Protection\guid.dat

c:\programdata\Ad-Aware Browsing Protection\uninstall.exe

c:\programdata\Ad-Aware Browsing Protection\uninstall.exe.nsm7F13.tmp

.

---- Voorgaande Run -------

.

c:\program files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml

c:\program files (x86)\Uninstall.exe

c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\searchplugins\SearchquWebSearch.xml

c:\windows\iun6002.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 ))))))))))))))))))))))))))))))

.

.

2012-07-23 17:58 . 2012-07-23 17:58 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-07-23 17:58 . 2012-07-23 17:58 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-23 17:58 . 2012-07-23 17:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-07-22 08:23 . 2012-07-22 08:23 388096 ----a-r- c:\users\Erik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-07-22 08:23 . 2012-07-22 08:23 -------- d-----w- c:\program files (x86)\Trend Micro

2012-07-16 08:45 . 2012-07-16 08:45 -------- d-----w- c:\program files (x86)\Oracle

2012-07-14 08:30 . 2012-07-14 08:30 -------- d-----w- c:\users\Erik\AppData\Local\AVG Secure Search

2012-07-14 08:29 . 2012-07-14 08:30 -------- d-----w- c:\programdata\AVG Secure Search

2012-07-14 08:29 . 2012-07-16 08:22 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-07-14 08:29 . 2012-07-14 08:30 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-07-14 08:28 . 2012-07-14 08:28 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-07-14 08:28 . 2012-07-23 15:28 -------- d-----w- c:\windows\system32\drivers\AVG

2012-07-14 08:09 . 2012-07-14 08:09 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi

2012-07-11 17:42 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys

2012-07-11 06:46 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-11 17:38 . 2010-02-15 09:11 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-07-05 20:06 . 2012-06-01 14:57 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-07-05 20:06 . 2010-04-30 06:48 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-03 11:46 . 2012-06-13 14:40 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-23 07:27 . 2012-06-23 07:27 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-06-02 22:19 . 2012-06-23 08:27 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-23 08:28 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-23 08:28 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-23 08:28 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-23 08:27 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-23 08:28 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-23 08:27 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-23 08:27 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-23 08:27 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-05-08 17:02 . 2012-06-08 14:59 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{39AAABF1-2C9B-49D1-A41B-9E05587D2894}\mpengine.dll

2012-05-04 10:52 . 2012-06-13 13:16 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 10:08 . 2012-06-13 13:16 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:08 . 2012-06-13 13:16 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-02 05:32 . 2012-06-13 13:16 208896 ----a-w- c:\windows\system32\profsvc.dll

2012-04-28 03:50 . 2012-06-13 13:16 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-26 05:34 . 2012-06-13 13:17 76288 ----a-w- c:\windows\system32\rdpwsx.dll

2012-04-26 05:34 . 2012-06-13 13:17 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-04-26 05:28 . 2012-06-13 13:17 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2010-06-15 01:54 . 2010-06-15 01:54 153008 ----a-w- c:\program files (x86)\fraps64.dll

2010-06-15 01:54 . 2010-06-15 01:54 206768 ----a-w- c:\program files (x86)\fraps32.dll

2010-06-15 01:54 . 2010-06-15 01:54 74672 ----a-w- c:\program files (x86)\fraps64.dat

2010-06-15 01:54 . 2010-06-15 01:54 2320304 ----a-w- c:\program files (x86)\fraps.exe

2010-06-15 01:46 . 2010-06-15 01:46 163840 ----a-w- c:\program files (x86)\frapslcd.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-07-23_12.15.45 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-07-22 08:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-07-23 12:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-07-22 08:12 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-07-23 12:15 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-07-22 08:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-07-23 12:15 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-07-23 17:59 . 2012-07-23 17:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-07-23 12:15 . 2012-07-23 12:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-07-23 12:15 . 2012-07-23 12:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-07-23 17:59 . 2012-07-23 17:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 05:01 . 2012-07-23 12:13 401944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-07-23 17:58 401944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-02-04 23:23 . 2012-07-23 17:58 9398515 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3138168355-341146757-651766743-1001-8192.dat

- 2010-02-04 23:23 . 2012-07-23 12:13 9398515 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3138168355-341146757-651766743-1001-8192.dat

+ 2009-07-14 02:34 . 2012-07-23 12:30 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

- 2009-07-14 02:34 . 2012-07-23 09:17 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-07-14 08:29 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-14 2074208]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]

"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-17 39408]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]

"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]

"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-14 1107552]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-22 868848]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 135664]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]

R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 135664]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-05 203264]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]

S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-14 935008]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55]

.

2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 09:55]

.

2012-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001Core.job

- c:\users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 11:52]

.

2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3138168355-341146757-651766743-1001UA.job

- c:\users\Erik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-23 11:52]

.

2012-07-16 c:\windows\Tasks\HPCeeScheduleForErik.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-27 171520]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.lauwerscollege.nl/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

FF - ProfilePath - c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\973o5s3e.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_1&u=AFBB9A88CC87736C2EF0A64FD4E5DFBC

FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

AddRemove-Ad-Aware Browsing Protection - c:\programdata\Ad-Aware Browsing Protection\uninstall.exe

AddRemove-adawaretb - c:\program files (x86)\adawaretb\uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-3138168355-341146757-651766743-1001\Software\SecuROM\License information*]

"datasecu"=hex:d8,95,bd,fa,31,76,95,54,d0,a8,ec,40,dc,49,2b,0e,4d,fc,7a,9d,92,

61,4e,fd,b1,9e,7f,a6,ed,70,98,cb,25,d1,74,46,27,2c,5f,a7,2c,3a,dc,6d,6d,78,\

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

.

**************************************************************************

.

Voltooingstijd: 2012-07-23 20:06:19 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-23 18:06

ComboFix2.txt 2012-06-14 14:16

.

Pre-Run: 150.341.365.760 bytes beschikbaar

Post-Run: 150.271.287.296 bytes beschikbaar

.

- - End Of File - - 0AA7C11B4ABE695AB23FD3A7D064FD7B

Erik


After restarting the PC I got a message from Windows that RGSClauncher.exe (or something like that, I don't remember the exact name) had encountered an error, and that I had to click OK to close the application. I clicked OK and haven't heard anything about it since. As far as I know, RGSClauncher.exe belongs to the Rockstar Games Social Club, so that doesn't seem like a problem to me.

Erik
