
Pop-ups from Ad.Server & Ad.Doubleclick



Good afternoon,

I recently installed Google Chrome and have the impression that the problems with the very annoying and irritating pop-ups started since then. Because I see many of the same questions on this forum, it would be fantastic if you could help me. I have already made a log with HijackThis. Thanks in advance, I am already eternally grateful to you!


Hi Ziggendl,

welcome to PCH.

Your topic was moved to Bestrijding spyware, virussen (fighting spyware and viruses), so that a malware specialist can help you more quickly.

Could you carry out the following?

1. Download HijackThis. (click on it)

Click HijackThis.msi and the download starts automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "Run".

HijackThis is now installed on your PC, and a shortcut is placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only work in safe mode, you have to download the executable (HijackThis.exe).

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from that folder.

You can then also find the logs in that folder.


2. Click the shortcut to start HijackThis. (first read the red text below!)

Click either "Do a systemscan and save a logfile", or first "Scan" and then "Savelog".

A Notepad window opens. Hold down the CTRL and A keys at the same time; now everything is selected. Hold down the CTRL and C keys at the same time; now everything is copied. Now paste the HJT log into your post with the CTRL and V keys.

If you get the message "For some reason your system denied writing to the Host file ....", simply click the OK button to continue.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the image here ---> Click here)


3. After you post your log, it will be checked by an expert (Kape or Kweezie Wabbit), who will guide you further through the whole process.

Tip!

If you want to see in words and pictures how to make a log with HijackThis and post it on the forum, click HERE.


Good afternoon, thanks! The log follows below:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:48:32, on 21-10-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michaël\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michaël\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Google Update] "C:\Users\Michaël\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Files32\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - foto afdrukken online - HEMA

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: BgGamingMonitor.dll

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxbl_device - - C:\Windows\system32\lxblcoms.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12277 bytes

I look forward to the replies, thanks in advance!


There are not really any traces of malware to be found here. Let's look a bit deeper: download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


Thanks, it took a while, but below is the ComboFix log:

ComboFix 12-10-21.01 - Noor 21-10-2012 15:00:45.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1979.649 [GMT 2:00]

Gestart vanuit: c:\users\Michaël\Desktop\ComboFix.exe

AV: BullGuard Antivirus *Disabled/Outdated* {C3CCAC61-52F7-A056-1860-6406566E2578}

FW: BullGuard Firewall *Disabled* {FBF72D44-1898-A10E-333F-CD33A8BD6203}

SP: BullGuard Antispyware *Disabled/Outdated* {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\BrowserCompanion

c:\program files (x86)\BrowserCompanion\blabbers-ch.crx

c:\program files (x86)\BrowserCompanion\logo.ico

c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll_1

c:\program files (x86)\ssnScreenshot1000.exe

c:\programdata\0D90EDE14A.sys

c:\users\Noor\AppData\Roaming\Noiz

c:\users\Noor\AppData\Roaming\Noiz\lyho.pia

c:\windows\SysWow64\System32\MASetupCleaner.exe

c:\windows\SysWow64\System32\muzapp.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-21 to 2012-10-21 ))))))))))))))))))))))))))))))

.

.

2012-10-21 13:11 . 2012-10-21 13:11 -------- d-----w- c:\users\Noor\AppData\Local\temp

2012-10-21 13:11 . 2012-10-21 13:11 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-11 13:51 . 2012-10-11 13:51 -------- d-----w- c:\users\Michaël\AppData\Local\Downloaded Installations

2012-10-11 13:47 . 2012-10-11 13:59 -------- d-----w- c:\users\Michaël\AppData\Local\Research In Motion

2012-10-11 13:47 . 2012-10-11 13:49 -------- d-----w- c:\users\Michaël\AppData\Roaming\Research In Motion

2012-10-11 13:37 . 2011-07-20 11:58 44032 ----a-w- c:\windows\system32\drivers\RimSerial_AMD64.sys

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Third_party

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\programdata\Research In Motion

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\DesktopHelperModules

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\DeviceData

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\InstallerUtils

2012-10-11 13:36 . 2012-10-11 13:39 -------- d-----w- c:\program files (x86)\nl

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Modules

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Common Files\XCPCSync.OEM

2012-10-11 13:36 . 2012-10-11 13:36 -------- d-----w- c:\program files (x86)\Codecs

2012-10-11 13:20 . 2012-10-11 13:20 -------- d-----w- c:\program files (x86)\Research In Motion Limited

2012-10-11 13:20 . 2012-10-11 13:54 -------- d-----w- c:\program files (x86)\Common Files\Research In Motion

2012-10-10 07:50 . 2012-08-20 18:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-10-10 07:49 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll

2012-10-10 07:49 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll

2012-10-10 07:49 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll

2012-10-10 07:49 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2012-10-10 07:49 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll

2012-10-10 07:49 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll

2012-10-10 07:49 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2012-10-10 07:49 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2012-10-04 15:00 . 2012-10-04 15:09 -------- d-----w- C:\SnelStart

2012-10-04 14:30 . 2012-10-04 14:30 -------- d-----w- c:\users\Michaël\AppData\Local\Hewlett-Packard

2012-10-04 14:26 . 2012-10-04 14:26 -------- d-----w- c:\users\Michaël\AppData\Roaming\Hewlett-Packard

2012-10-04 11:11 . 2012-10-04 11:11 -------- d-----w- c:\program files (x86)\UBL

2012-10-04 11:05 . 2012-10-04 11:05 -------- d-----w- c:\program files (x86)\EPSON

2012-10-04 11:03 . 2005-02-02 10:05 8704 ----a-w- c:\windows\system32\E_GCINST.DLL

2012-10-04 11:03 . 2005-06-08 23:02 119808 ----a-w- c:\windows\system32\E_ILMACE.DLL

2012-10-04 11:03 . 2005-04-10 23:01 86528 ----a-w- c:\windows\system32\E_IBCBACE.DLL

2012-10-04 11:03 . 2012-10-04 11:03 -------- d-----w- c:\programdata\EPSON

2012-10-04 09:55 . 2012-10-04 09:56 -------- d-----w- c:\users\Michaël\AppData\Local\Google

2012-10-04 09:54 . 2012-10-04 09:54 -------- d-----w- c:\users\Michaël\AppData\Local\Apps

2012-10-04 09:54 . 2012-10-04 09:55 -------- d-----w- c:\users\Michaël\AppData\Local\Deployment

2012-10-04 09:41 . 2012-10-05 11:50 -------- d-----w- c:\users\Michaël\AppData\Roaming\Adobe

2012-09-26 07:12 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-09-24 09:35 . 2012-09-24 09:35 -------- d-----w- c:\users\Noor\Scans

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-11 07:31 . 2011-07-14 16:32 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-09-17 09:31 . 2012-09-17 09:31 55464 ----a-w- c:\program files (x86)\UseInNet.VbRun.dll

2012-09-17 09:31 . 2012-09-17 09:31 17064 ----a-w- c:\program files (x86)\UseInNet.Vba.dll

2012-09-17 09:31 . 2012-09-17 09:31 22192 ----a-w- c:\program files (x86)\UseInNet.StdOle2.dll

2012-09-17 09:31 . 2012-09-17 09:31 19120 ----a-w- c:\program files (x86)\UseInNet.StdFormat.dll

2012-09-17 09:31 . 2012-09-17 09:31 43192 ----a-w- c:\program files (x86)\UseInNet.ssNetwerk1000.dll

2012-09-17 09:31 . 2012-09-17 09:31 92344 ----a-w- c:\program files (x86)\UseInNet.ssMethods1000.dll

2012-09-17 09:31 . 2012-09-17 09:31 100544 ----a-w- c:\program files (x86)\UseInNet.ssDbToegang1000.dll

2012-09-17 09:31 . 2012-09-17 09:31 260288 ----a-w- c:\program files (x86)\UseInNet.SnelStartGateWay.dll

2012-09-17 09:31 . 2012-09-17 09:31 39088 ----a-w- c:\program files (x86)\UseInNet.Scripting.dll

2012-09-17 09:31 . 2012-09-17 09:31 190632 ----a-w- c:\program files (x86)\UseInNet.msXml4.dll

2012-09-17 09:31 . 2012-09-17 09:31 39088 ----a-w- c:\program files (x86)\UseInNet.msmapi32.dll

2012-09-17 09:30 . 2012-09-17 09:30 10416 ----a-w- c:\program files (x86)\UseInNet.MsDataSrc.dll

2012-09-17 09:30 . 2012-09-17 09:30 108712 ----a-w- c:\program files (x86)\UseInNet.AdoDb.dll

2012-09-17 09:30 . 2012-09-17 09:30 481440 ----a-w- c:\program files (x86)\ssBackup6.exe

2012-09-17 09:30 . 2012-09-17 09:30 33968 ----a-w- c:\program files (x86)\SnelStartCompress.dll

2012-09-17 09:30 . 2012-09-17 09:30 34976 ----a-w- c:\program files (x86)\LayCSupp.dll

2012-09-17 09:30 . 2012-09-17 09:30 30880 ----a-w- c:\program files (x86)\ssnZip1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 1238712 ----a-w- c:\program files (x86)\ssnSoapCommunicatie1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 357544 ----a-w- c:\program files (x86)\ssnPeriode1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 323752 ----a-w- c:\program files (x86)\ssnMethods1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 658088 ----a-w- c:\program files (x86)\ssnFolder1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 46256 ----a-w- c:\program files (x86)\ssnFileReeks1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 18080 ----a-w- c:\program files (x86)\ssnFase1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 146600 ----a-w- c:\program files (x86)\ssnControls1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 112816 ----a-w- c:\program files (x86)\ssnBankieren1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 183464 ----a-w- c:\program files (x86)\ssnBackup1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 276648 ----a-w- c:\program files (x86)\ssVkProces1000.dll

2012-09-17 09:30 . 2012-09-17 09:30 1112232 ----a-w- c:\program files (x86)\ssVerkoop1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 440472 ----a-w- c:\program files (x86)\ssTool7.dll

2012-09-17 09:29 . 2012-09-17 09:29 567464 ----a-w- c:\program files (x86)\ssTelebank1000.ocx

2012-09-17 09:29 . 2012-09-17 09:29 67760 ----a-w- c:\program files (x86)\ssSyntaxAnalys1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 186536 ----a-w- c:\program files (x86)\ssSessie1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 108712 ----a-w- c:\program files (x86)\ssRechten1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 170144 ----a-w- c:\program files (x86)\ssPrx1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 252072 ----a-w- c:\program files (x86)\ssPrinter1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 80032 ----a-w- c:\program files (x86)\ssOrder1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 121000 ----a-w- c:\program files (x86)\ssNetwerk1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 30896 ----a-w- c:\program files (x86)\ssNetInterface1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 342184 ----a-w- c:\program files (x86)\ssMethods1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 121000 ----a-w- c:\program files (x86)\ssManager1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 63664 ----a-w- c:\program files (x86)\ssLijstControl1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 333984 ----a-w- c:\program files (x86)\ssLijst1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 739496 ----a-w- c:\program files (x86)\ssLayoutUI1000.dll

2012-09-17 09:29 . 2012-09-17 09:29 1403048 ----a-w- c:\program files (x86)\ssLayout1000.ocx

2012-09-17 09:28 . 2012-09-17 09:28 465056 ----a-w- c:\program files (x86)\ssKaart1000.ocx

2012-09-17 09:28 . 2012-09-17 09:28 444584 ----a-w- c:\program files (x86)\ssInkoop1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 252072 ----a-w- c:\program files (x86)\ssImport1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 174248 ----a-w- c:\program files (x86)\ssIkProces1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 657648 ----a-w- c:\program files (x86)\ssGarage1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 178344 ----a-w- c:\program files (x86)\ssFuncDLL1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 276656 ----a-w- c:\program files (x86)\ssExporteren1000.ocx

2012-09-17 09:28 . 2012-09-17 09:28 39080 ----a-w- c:\program files (x86)\ssDialog1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 518312 ----a-w- c:\program files (x86)\ssDeclares1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 59568 ----a-w- c:\program files (x86)\ssDdeVerbinding1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 874664 ----a-w- c:\program files (x86)\ssDbVersie1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 510120 ----a-w- c:\program files (x86)\ssDbToegang1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 59560 ----a-w- c:\program files (x86)\ssDbSchema1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 104624 ----a-w- c:\program files (x86)\ssDbRecordTree1000.dll

2012-09-17 09:28 . 2012-09-17 09:28 1489064 ----a-w- c:\program files (x86)\ssControls1000.ocx

2012-09-17 09:27 . 2012-09-17 09:27 51376 ----a-w- c:\program files (x86)\ssCommunicatie1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 436384 ----a-w- c:\program files (x86)\ssBtw1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 686240 ----a-w- c:\program files (x86)\ssBoek1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 690336 ----a-w- c:\program files (x86)\ssBasis1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 239776 ----a-w- c:\program files (x86)\ssBapi1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 469160 ----a-w- c:\program files (x86)\ssArtikel1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 141496 ----a-w- c:\program files (x86)\UseInNet.ssDeclares1000.dll

2012-09-17 09:27 . 2012-09-17 09:27 399536 ----a-w- c:\program files (x86)\SnelStartGateWay.dll

2012-09-17 09:27 . 2012-09-17 09:27 7043232 ----a-w- c:\program files (x86)\SnelStart.exe

2012-09-17 09:12 . 2012-09-17 09:12 33792 ----a-w- c:\program files (x86)\ssnSerialCommunication1000.dll

2012-09-04 11:04 . 2012-09-04 11:04 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-04 11:04 . 2012-09-04 11:05 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-04 11:04 . 2010-07-15 04:45 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-08-27 23:49 . 2012-09-04 06:31 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90E79E5C-E9A6-45C1-9D39-1B33EB3B60C9}\mpengine.dll

2012-08-22 18:12 . 2012-09-12 10:10 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 10:10 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 10:10 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 10:10 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-20 17:38 . 2012-10-10 07:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-20 17:01 . 2012-08-20 17:01 111064 ----a-w- c:\windows\system32\BgGamingMonitor.dll

2012-08-20 17:01 . 2012-08-20 17:01 100216 ----a-w- c:\windows\SysWow64\BgGamingMonitor.dll

2012-08-02 17:58 . 2012-09-12 10:10 574464 ----a-w- c:\windows\system32\d3d10level9.dll

2012-08-02 16:57 . 2012-09-12 10:10 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2012-08-02 14:12 . 2012-08-02 14:12 63840 ----a-w- c:\windows\system32\BGLsp.dll

2012-08-02 14:12 . 2012-08-02 14:12 54624 ----a-w- c:\windows\SysWow64\BGLsp.dll

2012-07-11 10:49 . 2012-07-11 10:49 50264 ----a-w- c:\program files (x86)\Rim.Desktop.HttpServerSetup.exe

2012-07-11 10:49 . 2012-07-11 10:49 26712 ----a-w- c:\program files (x86)\Rim.Desktop.HttpServerSetup.FirewallInterop.dll

2012-07-11 10:49 . 2012-07-11 10:49 21080 ----a-w- c:\program files (x86)\Rim.Transcoder.exe

2012-07-11 10:48 . 2012-07-11 10:48 752216 ----a-w- c:\program files (x86)\Rim.DesktopHelper.exe

2012-07-11 10:48 . 2012-07-11 10:48 58456 ----a-w- c:\program files (x86)\Rim.Desktop.Services.Native.dll

2012-07-11 10:48 . 2012-07-11 10:48 56408 ----a-w- c:\program files (x86)\Rim.Desktop.Services.Tasks.dll

2012-07-11 10:48 . 2012-07-11 10:48 52312 ----a-w- c:\program files (x86)\System.Windows.Interactivity.dll

2012-07-11 10:48 . 2012-07-11 10:48 31832 ----a-w- c:\program files (x86)\Rim.Desktop.Services.Logging.dll

2012-07-11 10:48 . 2012-07-11 10:48 27224 ----a-w- c:\program files (x86)\Rim.Desktop.Services.WindowState.dll

2012-07-11 10:48 . 2012-07-11 10:48 2167384 ----a-w- c:\program files (x86)\Rim.Desktop.Themes.dll

2012-07-11 10:48 . 2012-07-11 10:48 188504 ----a-w- c:\program files (x86)\zlibwapi.dll

2012-07-11 10:48 . 2012-07-11 10:48 13912 ----a-w- c:\program files (x86)\Rim.DesktopHelper.common.dll

2012-07-11 10:48 . 2012-07-11 10:48 933464 ----a-w- c:\program files (x86)\Rim.Desktop.AutoUpdate.exe

2012-07-11 10:48 . 2012-07-11 10:48 93272 ----a-w- c:\program files (x86)\Rim.Common.Utilities.dll

2012-07-11 10:48 . 2012-07-11 10:48 770648 ----a-w- c:\program files (x86)\MailServerMAPIProxy64.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-09 1712184]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-06-29 602168]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"EnableShellExecuteHooks"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-09 1255736]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S1 AFW;Agnitum Firewall Driver;c:\windows\system32\DRIVERS\afw.sys [2012-07-03 38528]

S1 BdSpy;BdSpy;c:\windows\system32\DRIVERS\BdSpy.sys [2012-07-03 66272]

S1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\DRIVERS\NSKernel.sys [2012-07-03 256072]

S1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\DRIVERS\NSNetmon.sys [2012-07-03 25160]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

S2 BsBackup;BullGuard backup service;c:\windows\System32\SvcHost.exe [2009-07-14 27136]

S2 BsBhvScan;BullGuard Behavioural Detection;c:\program files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2012-08-20 368480]

S2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe [2009-07-14 27136]

S2 BsFire;BullGuard firewall service;c:\windows\System32\SvcHost.exe [2009-07-14 27136]

S2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe [2009-07-14 27136]

S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe [2009-07-14 27136]

S2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2012-08-20 201056]

S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2012-08-20 379744]

S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-06-29 27192]

S2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe [2007-04-20 566704]

S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-19 315392]

S3 afwcore;afwcore;c:\windows\system32\DRIVERS\afwcore.sys [2012-07-03 445568]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-23 347680]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-02-05 1093152]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-407698090-1951942328-2400364001-1001Core.job

- c:\users\Noor\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-04 12:41]

.

2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-407698090-1951942328-2400364001-1001UA.job

- c:\users\Noor\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-04 12:41]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408]

"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\bullguard.exe" [2012-09-11 1863008]

"EPSON Stylus DX3800 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE" [2005-02-08 98304]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\BgGamingMonitor.dll

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

LSP: c:\windows\system32\BGLsp.dll

TCP: DhcpNameServer = 192.168.2.254

DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab

.

- - - - ORPHANS VERWIJDERD - - - -

.

URLSearchHooks-{1c94aa0d-7416-4289-b2ba-834282060870} - (no file)

URLSearchHooks-{296aa17d-c89e-4242-a5a4-44bfe76914a2} - (no file)

Wow6432Node-HKCU-Run-KiesPDLR - c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

Wow6432Node-HKCU-Run-Corel Photo Downloader - c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

WebBrowser-{1C94AA0D-7416-4289-B2BA-834282060870} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

WebBrowser-{296AA17D-C89E-4242-A5A4-44BFE76914A2} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-21 15:17:04

ComboFix-quarantined-files.txt 2012-10-21 13:17

.

Pre-Run: 77.724.774.400 bytes beschikbaar

Post-Run: 77.981.110.272 bytes beschikbaar

.

- - End Of File - - 14D79CB02F37BF0199834BF35AA2563A


With the problems out of the way, it is time for the “big clean-up”: removing the programs we used, a cleaning run, and deleting the infected restore points.

Remove ComboFix: go to Start -> Run/Search/Search programs and files and type there: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the download of CCleaner then starts automatically and free of charge.

Install it and start CCleaner. In the left column, click “Cleaner”. Click “Analyze” and then “Clean”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click “Registry” in the left column and click “Scan for problems”. If errors are found, click “Fix selected problems” and “OK”. You are then asked whether to make a backup. Click “YES”. Then choose “Fix all selected errors”. After this, close CCleaner again.

If you want to see this in detail with pictures, click here for the manual.

It is advisable to delete the existing restore points (they include infected restore points that you could otherwise end up restoring). In Windows 7:

  • Via Start -> Control Panel -> System and Security -> System -> System protection, now turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to delete all restore points.
  • Click "Apply" and "OK".
  • Now go back to “System protection” and create a new restore point right away, so that you do not have to wait for an automatic restore point from the system.
  • Choose “Create”. Give the restore point a name of your own and click “Create”.
  • Now restart the PC.
