Posted:

ComboFix 12-12-20.02 - Ludo 20-12-2012 23:09:53.2.4 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3070.1820 [GMT 1:00]

Gestart vanuit: c:\users\Ludo\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Ludo\Desktop\CFScript

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

* Aanwezig AV is actief

.

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat

c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys

c:\programdata\blekko toolbars

c:\programdata\blekko toolbars\toolbar.txt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-21 to 2012-12-21 ))))))))))))))))))))))))))))))

.

.

2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\Ludo\AppData\Local\temp

2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\Lieve\AppData\Local\temp

2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp

2012-12-21 00:04 . 2012-12-21 00:04 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-20 21:35 . 2012-12-20 21:35 -------- d-----w- c:\program files\Leadtek

2012-12-20 21:25 . 2012-12-20 21:25 -------- d-----w- c:\programdata\PDF Architect

2012-12-20 13:24 . 2012-12-20 13:24 -------- d-----w- c:\program files\iPod

2012-12-20 13:24 . 2012-12-20 13:25 -------- d-----w- c:\program files\iTunes

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2012-12-20 13:19 . 2012-12-20 13:20 -------- d-----w- c:\program files\QuickTime

2012-12-20 13:17 . 2012-12-20 13:17 -------- d-----w- c:\program files\Bonjour

2012-12-17 19:08 . 2012-12-17 19:08 388096 ----a-r- c:\users\Ludo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-12-17 09:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX

2012-12-17 09:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL

2012-12-17 09:17 . 2012-12-17 09:18 -------- d-----w- c:\program files\PDFCreator

2012-12-14 18:01 . 2012-12-14 18:01 -------- d-----w- c:\programdata\Ad-Aware Antivirus

2012-12-14 17:58 . 2012-12-14 17:58 -------- d-----w- c:\programdata\Lavasoft

2012-12-14 17:58 . 2012-12-20 21:03 -------- d-----w- c:\program files\Ad-Aware Antivirus

2012-12-14 17:57 . 2012-12-14 17:57 44424 ----a-w- c:\windows\system32\sbbd.exe

2012-12-14 17:57 . 2012-12-14 17:57 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\adawaretb

2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\Toolbar Cleaner

2012-12-14 17:56 . 2012-12-15 21:34 -------- d-----w- c:\users\Ludo\AppData\Roaming\Ad-Aware Antivirus

2012-12-13 01:12 . 2012-12-13 01:13 -------- d-----w- c:\users\Ludo\AppData\Roaming\PDF Architect

2012-12-12 11:43 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-12-10 23:39 . 2012-12-10 23:39 -------- d-----w- c:\users\Ludo\AppData\Roaming\APP_NAME_NON_STRING

2012-12-10 23:38 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll

2012-12-10 08:28 . 2012-12-10 08:28 122880 --sha-r- c:\windows\system32\C_1149W.dll

2012-12-07 08:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A799F2D-49BD-408D-B9FD-B7922F014CC0}\mpengine.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-15 21:38 . 2012-07-17 23:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-15 21:38 . 2012-07-17 23:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts

2012-10-16 07:39 . 2012-11-28 00:48 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 20:15 . 2012-10-10 20:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-10 20:15 . 2012-10-10 20:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-10 20:14 . 2012-10-10 20:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2012-10-10 20:14 . 2009-07-13 22:09 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-10-10 20:14 . 2012-10-10 20:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-10 20:14 . 2009-07-14 23:54 2428776 ----a-w- c:\windows\system32\nvapi.dll

2012-10-10 20:14 . 2012-10-10 20:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-10 20:14 . 2012-10-10 20:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-10 20:14 . 2012-10-10 20:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2012-10-10 20:14 . 2011-08-13 22:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2012-10-10 20:14 . 2012-10-10 20:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-10 20:14 . 2012-10-10 20:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll

2012-10-09 17:40 . 2012-11-14 12:21 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-14 12:21 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-03 16:58 . 2012-11-14 12:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 16:42 . 2012-11-14 12:21 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 16:42 . 2012-11-14 12:21 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 16:42 . 2012-11-14 12:21 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 16:42 . 2012-11-14 12:21 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 16:42 . 2012-11-14 12:21 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 16:40 . 2012-11-14 12:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 15:21 . 2012-11-14 12:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-10-02 19:29 . 2010-10-16 11:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:29 . 2011-08-12 08:58 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2012-10-02 19:29 . 2010-10-16 11:42 108392 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:29 . 2009-07-14 11:29 62312 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:29 . 2010-10-16 11:42 2853224 ----a-w- c:\windows\system32\nvsvc.dll

2012-10-02 19:28 . 2010-10-16 11:42 3965288 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe

2012-09-25 22:47 . 2012-11-14 12:21 78336 ----a-w- c:\windows\system32\synceng.dll

2012-09-24 21:16 . 2012-10-25 06:31 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

1999-06-25 07:55 . 2008-05-09 14:22 149504 ----a-w- c:\program files\UNWISE.EXE

2012-12-05 22:52 . 2012-12-05 22:52 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192]

"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-03 161336]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]

"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-09-14 215360]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

.

c:\users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]

backup=c:\windows\pss\PDFCreator.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Ludo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]

2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]

2011-05-13 14:27 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2007-10-08 22:19 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport]

2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2012-10-02 19:29 108392 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2012-10-02 19:29 2853224 ----a-w- c:\windows\System32\nvsvc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-11-14 14:50 4706304 ----a-w- c:\windows\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]

2007-02-09 13:54 16896 ----a-w- c:\program files\GoogleEULA\EULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]

2007-10-19 16:42 155648 ----a-w- c:\program files\HomeCinema\TV Enhance\TVEService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

2010-11-20 12:20 859648 ----a-w- c:\windows\System32\OobeFldr.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]

2006-09-20 07:35 20480 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe

.

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]

R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x]

R1 MpKsl03370312;MpKsl03370312;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl03370312.sys [x]

R1 MpKsl035317aa;MpKsl035317aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D4B61E3-255E-4C75-AC01-B88E4320087E}\MpKsl035317aa.sys [x]

R1 MpKsl0b7e66dc;MpKsl0b7e66dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27996703-9CDD-4146-B5F9-9DA9E80A824C}\MpKsl0b7e66dc.sys [x]

R1 MpKsl1b904031;MpKsl1b904031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl1b904031.sys [x]

R1 MpKsl2d35253d;MpKsl2d35253d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A3AB075-532A-4AB9-BA58-BDB9C9535599}\MpKsl2d35253d.sys [x]

R1 MpKsl52d2512a;MpKsl52d2512a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl52d2512a.sys [x]

R1 MpKsl75a794c6;MpKsl75a794c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94810CF2-A2C3-40AA-9318-2A6BD12F9F80}\MpKsl75a794c6.sys [x]

R1 MpKsl75b08b33;MpKsl75b08b33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl75b08b33.sys [x]

R1 MpKsl8cf43cdb;MpKsl8cf43cdb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F5A7877-AF4D-4AD7-808A-8C9581650AEC}\MpKsl8cf43cdb.sys [x]

R1 MpKslc93cedb2;MpKslc93cedb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKslc93cedb2.sys [x]

R1 MpKsle580181c;MpKsle580181c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B3F112D-17D8-4E3E-BCE5-9B1A6F11ADCE}\MpKsle580181c.sys [x]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R2 gupdate1c9f90f25e0dfb8;Google Updateservice (gupdate1c9f90f25e0dfb8);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [x]

R2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [x]

R2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [x]

R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [x]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x]

R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x]

R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\DRIVERS\OXSDIDRV_x32.sys [x]

R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X32.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [x]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [x]

S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [x]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - FSUSBEXDISK

*Deregistered* - mfeavfk01

*Deregistered* - pavboot

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

GPSvcGroup REG_MULTI_SZ GPSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-20 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55]

.

2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12]

.

2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12]

.

2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job

- c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52]

.

2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job

- c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52]

.

2012-12-21 c:\windows\Tasks\USNLZSJ.job

- c:\windows\system32\C_1149W.dll [2012-12-10 08:28]

.

.

------- Bijkomende Scan -------

.

uStart Page = about:blank

mSearch Bar = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Inhoud van geselecteerde koppelingen toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML

IE: Koppelingsinhoud toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Openen in PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: Openen met Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_dut.dll /100

IE: PDF-bestand maken - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: PDF-bestand maken van koppelingsinhoud - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: PDF-bestanden maken van geselecteerde koppelingen - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML

IE: Toevoegen aan bestaand PDF-bestand - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

Trusted Zone: dexia.be

Trusted Zone: dexia.be\directnet

Trusted Zone: exact.nl

Trusted Zone: exactonline.be

Trusted Zone: exactonline.be\start

Trusted Zone: fortuneo.be\www

TCP: DhcpNameServer = 192.168.2.254

FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]

"DisplayName"="Microsoft ActiveSync"

"Name"="ActiveSync"

"Order"=dword:00000001

"Param1"="ActiveSync"

"State"=dword:00000013

"Type"="wellknown"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]

"Name"="IESettings"

"Order"=dword:00000004

"State"=dword:00000003

"Type"="IESettings"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]

"Name"="MediaFiles"

"Order"=dword:00000003

"State"=dword:00000003

"Type"="MediaFiles"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]

"Name"="NPW"

"Order"=dword:00000002

"Param1"="NPW"

"State"=dword:00000003

"Type"="wellknown"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]

"DisplayName"="Microsoft Outlook"

"Name"="Outlook"

"Order"=dword:00000000

"Param1"="Outlook"

"State"=dword:00000020

"Type"="wellknown"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-21 01:10:39

ComboFix-quarantined-files.txt 2012-12-21 00:10

ComboFix2.txt 2012-12-19 20:47

.

Pre-Run: 84 641 366 016 bytes beschikbaar

Post-Run: 84 702 863 360 bytes beschikbaar

.

- - End Of File - - DE4EBCF9C327227E2FDE4AF5227AE229

Posted:

Download AdwCleaner by Xplode to your desktop.

  • Close all open windows.
  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete.
  • In the AdwCleaner – Information dialog, click OK.
  • In the AdwCleaner – Restart Required dialog, click OK.

It is normal for the shortcuts to disappear during the process. After the PC has restarted, a log file opens. Post the contents of this log in your next message.

Posted:

ComboFix 12-12-20.02 - Ludo 21-12-2012 11:11:37.3.4 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3070.1856 [GMT 1:00]

Gestart vanuit: c:\users\Ludo\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Ludo\Desktop\CFScript

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-21 to 2012-12-21 ))))))))))))))))))))))))))))))

.

.

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\Lieve\AppData\Local\temp

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-21 07:46 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-21 07:46 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-21 00:04 . 2012-12-21 10:26 -------- d-----w- c:\users\Ludo\AppData\Local\temp

2012-12-20 21:35 . 2012-12-20 21:35 -------- d-----w- c:\program files\Leadtek

2012-12-20 21:25 . 2012-12-20 21:25 -------- d-----w- c:\programdata\PDF Architect

2012-12-20 13:24 . 2012-12-20 13:24 -------- d-----w- c:\program files\iPod

2012-12-20 13:24 . 2012-12-20 13:25 -------- d-----w- c:\program files\iTunes

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2012-12-20 13:19 . 2012-12-20 13:20 -------- d-----w- c:\program files\QuickTime

2012-12-20 13:17 . 2012-12-20 13:17 -------- d-----w- c:\program files\Bonjour

2012-12-17 19:08 . 2012-12-17 19:08 388096 ----a-r- c:\users\Ludo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-12-17 09:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX

2012-12-17 09:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL

2012-12-17 09:17 . 2012-12-17 09:18 -------- d-----w- c:\program files\PDFCreator

2012-12-14 18:01 . 2012-12-14 18:01 -------- d-----w- c:\programdata\Ad-Aware Antivirus

2012-12-14 17:58 . 2012-12-14 17:58 -------- d-----w- c:\programdata\Lavasoft

2012-12-14 17:58 . 2012-12-20 21:03 -------- d-----w- c:\program files\Ad-Aware Antivirus

2012-12-14 17:57 . 2012-12-14 17:57 44424 ----a-w- c:\windows\system32\sbbd.exe

2012-12-14 17:57 . 2012-12-14 17:57 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\adawaretb

2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\Toolbar Cleaner

2012-12-14 17:56 . 2012-12-15 21:34 -------- d-----w- c:\users\Ludo\AppData\Roaming\Ad-Aware Antivirus

2012-12-13 01:12 . 2012-12-13 01:13 -------- d-----w- c:\users\Ludo\AppData\Roaming\PDF Architect

2012-12-12 11:43 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-12-10 23:39 . 2012-12-10 23:39 -------- d-----w- c:\users\Ludo\AppData\Roaming\APP_NAME_NON_STRING

2012-12-10 23:38 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll

2012-12-10 08:28 . 2012-12-10 08:28 122880 --sha-r- c:\windows\system32\C_1149W.dll

2012-12-07 08:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A799F2D-49BD-408D-B9FD-B7922F014CC0}\mpengine.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-15 21:38 . 2012-07-17 23:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-15 21:38 . 2012-07-17 23:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts

2012-10-16 07:39 . 2012-11-28 00:48 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 20:15 . 2012-10-10 20:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-10 20:15 . 2012-10-10 20:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-10 20:14 . 2012-10-10 20:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2012-10-10 20:14 . 2009-07-13 22:09 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-10-10 20:14 . 2012-10-10 20:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-10 20:14 . 2009-07-14 23:54 2428776 ----a-w- c:\windows\system32\nvapi.dll

2012-10-10 20:14 . 2012-10-10 20:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-10 20:14 . 2012-10-10 20:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-10 20:14 . 2012-10-10 20:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2012-10-10 20:14 . 2011-08-13 22:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2012-10-10 20:14 . 2012-10-10 20:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-10 20:14 . 2012-10-10 20:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll

2012-10-09 17:40 . 2012-11-14 12:21 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-14 12:21 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-03 16:58 . 2012-11-14 12:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 16:42 . 2012-11-14 12:21 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 16:42 . 2012-11-14 12:21 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 16:42 . 2012-11-14 12:21 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 16:42 . 2012-11-14 12:21 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 16:42 . 2012-11-14 12:21 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 16:40 . 2012-11-14 12:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 15:21 . 2012-11-14 12:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-10-02 19:29 . 2010-10-16 11:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:29 . 2011-08-12 08:58 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2012-10-02 19:29 . 2010-10-16 11:42 108392 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:29 . 2009-07-14 11:29 62312 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:29 . 2010-10-16 11:42 2853224 ----a-w- c:\windows\system32\nvsvc.dll

2012-10-02 19:28 . 2010-10-16 11:42 3965288 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe

2012-09-25 22:47 . 2012-11-14 12:21 78336 ----a-w- c:\windows\system32\synceng.dll

2012-09-24 21:16 . 2012-10-25 06:31 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

1999-06-25 07:55 . 2008-05-09 14:22 149504 ----a-w- c:\program files\UNWISE.EXE

2012-11-29 08:26 . 2012-12-05 22:52 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192]

"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-03 161336]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]

"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-09-14 215360]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

.

c:\users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]

backup=c:\windows\pss\PDFCreator.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Ludo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]

2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]

2011-05-13 14:27 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2007-10-08 22:19 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport]

2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2012-10-02 19:29 108392 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2012-10-02 19:29 2853224 ----a-w- c:\windows\System32\nvsvc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-11-14 14:50 4706304 ----a-w- c:\windows\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]

2007-02-09 13:54 16896 ----a-w- c:\program files\GoogleEULA\EULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]

2007-10-19 16:42 155648 ----a-w- c:\program files\HomeCinema\TV Enhance\TVEService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

2010-11-20 12:20 859648 ----a-w- c:\windows\System32\OobeFldr.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]

2006-09-20 07:35 20480 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe

.

R2 gupdate1c9f90f25e0dfb8;Google Updateservice (gupdate1c9f90f25e0dfb8);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [x]

R2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [x]

R2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [x]

R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [x]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x]

R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x]

R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\DRIVERS\OXSDIDRV_x32.sys [x]

R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X32.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x]

R4 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]

R4 MpKsl03370312;MpKsl03370312;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl03370312.sys [x]

R4 MpKsl035317aa;MpKsl035317aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D4B61E3-255E-4C75-AC01-B88E4320087E}\MpKsl035317aa.sys [x]

R4 MpKsl0b7e66dc;MpKsl0b7e66dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27996703-9CDD-4146-B5F9-9DA9E80A824C}\MpKsl0b7e66dc.sys [x]

R4 MpKsl1b904031;MpKsl1b904031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl1b904031.sys [x]

R4 MpKsl2d35253d;MpKsl2d35253d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A3AB075-532A-4AB9-BA58-BDB9C9535599}\MpKsl2d35253d.sys [x]

R4 MpKsl52d2512a;MpKsl52d2512a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl52d2512a.sys [x]

R4 MpKsl75a794c6;MpKsl75a794c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94810CF2-A2C3-40AA-9318-2A6BD12F9F80}\MpKsl75a794c6.sys [x]

R4 MpKsl75b08b33;MpKsl75b08b33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl75b08b33.sys [x]

R4 MpKsl8cf43cdb;MpKsl8cf43cdb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F5A7877-AF4D-4AD7-808A-8C9581650AEC}\MpKsl8cf43cdb.sys [x]

R4 MpKslc93cedb2;MpKslc93cedb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKslc93cedb2.sys [x]

R4 MpKsle580181c;MpKsle580181c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B3F112D-17D8-4E3E-BCE5-9B1A6F11ADCE}\MpKsle580181c.sys [x]

R4 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R4 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R4 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R4 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [x]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [x]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

*Deregistered* - pavboot

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

GPSvcGroup REG_MULTI_SZ GPSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-20 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55]

.

2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12]

.

2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12]

.

2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job

- c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52]

.

2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job

- c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52]

.

2012-12-21 c:\windows\Tasks\USNLZSJ.job

- c:\windows\system32\C_1149W.dll [2012-12-10 08:28]

.

.

------- Bijkomende Scan -------

.

uStart Page = about:blank

mSearch Bar = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

Trusted Zone: dexia.be

Trusted Zone: dexia.be\directnet

Trusted Zone: exact.nl

Trusted Zone: exactonline.be

Trusted Zone: exactonline.be\start

Trusted Zone: fortuneo.be\www

TCP: DhcpNameServer = 192.168.2.254

FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]

"DisplayName"="Microsoft ActiveSync"

"Name"="ActiveSync"

"Order"=dword:00000001

"Param1"="ActiveSync"

"State"=dword:00000013

"Type"="wellknown"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]

"Name"="IESettings"

"Order"=dword:00000004

"State"=dword:00000003

"Type"="IESettings"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]

"Name"="MediaFiles"

"Order"=dword:00000003

"State"=dword:00000003

"Type"="MediaFiles"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]

"Name"="NPW"

"Order"=dword:00000002

"Param1"="NPW"

"State"=dword:00000003

"Type"="wellknown"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]

"DisplayName"="Microsoft Outlook"

"Name"="Outlook"

"Order"=dword:00000000

"Param1"="Outlook"

"State"=dword:00000020

"Type"="wellknown"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-21 11:31:08

ComboFix-quarantined-files.txt 2012-12-21 10:31

ComboFix2.txt 2012-12-21 00:10

ComboFix3.txt 2012-12-19 20:47

.

Pre-Run: 85 380 571 136 bytes beschikbaar

Post-Run: 85 327 106 048 bytes beschikbaar

.

- - End Of File - - D7803692BBDA61DEDE1CE46C00286CA2

- - - Updated - - -

ComboFix 12-12-20.02 - Ludo 21-12-2012 11:11:37.3.4 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3070.1856 [GMT 1:00]

Gestart vanuit: c:\users\Ludo\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Ludo\Desktop\CFScript

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

AV: McAfee VirusScan Enterprise *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-21 to 2012-12-21 ))))))))))))))))))))))))))))))

.

.

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\Lieve\AppData\Local\temp

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp

2012-12-21 10:26 . 2012-12-21 10:26 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-21 07:46 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-21 07:46 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-21 00:04 . 2012-12-21 10:26 -------- d-----w- c:\users\Ludo\AppData\Local\temp

2012-12-20 21:35 . 2012-12-20 21:35 -------- d-----w- c:\program files\Leadtek

2012-12-20 21:25 . 2012-12-20 21:25 -------- d-----w- c:\programdata\PDF Architect

2012-12-20 13:24 . 2012-12-20 13:24 -------- d-----w- c:\program files\iPod

2012-12-20 13:24 . 2012-12-20 13:25 -------- d-----w- c:\program files\iTunes

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2012-12-20 13:20 . 2012-12-20 13:20 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2012-12-20 13:19 . 2012-12-20 13:20 -------- d-----w- c:\program files\QuickTime

2012-12-20 13:17 . 2012-12-20 13:17 -------- d-----w- c:\program files\Bonjour

2012-12-17 19:08 . 2012-12-17 19:08 388096 ----a-r- c:\users\Ludo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-12-17 09:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX

2012-12-17 09:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL

2012-12-17 09:17 . 2012-12-17 09:18 -------- d-----w- c:\program files\PDFCreator

2012-12-14 18:01 . 2012-12-14 18:01 -------- d-----w- c:\programdata\Ad-Aware Antivirus

2012-12-14 17:58 . 2012-12-14 17:58 -------- d-----w- c:\programdata\Lavasoft

2012-12-14 17:58 . 2012-12-20 21:03 -------- d-----w- c:\program files\Ad-Aware Antivirus

2012-12-14 17:57 . 2012-12-14 17:57 44424 ----a-w- c:\windows\system32\sbbd.exe

2012-12-14 17:57 . 2012-12-14 17:57 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\adawaretb

2012-12-14 17:57 . 2012-12-14 17:57 -------- d-----w- c:\program files\Toolbar Cleaner

2012-12-14 17:56 . 2012-12-15 21:34 -------- d-----w- c:\users\Ludo\AppData\Roaming\Ad-Aware Antivirus

2012-12-13 01:12 . 2012-12-13 01:13 -------- d-----w- c:\users\Ludo\AppData\Roaming\PDF Architect

2012-12-12 11:43 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-12-10 23:39 . 2012-12-10 23:39 -------- d-----w- c:\users\Ludo\AppData\Roaming\APP_NAME_NON_STRING

2012-12-10 23:38 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll

2012-12-10 08:28 . 2012-12-10 08:28 122880 --sha-r- c:\windows\system32\C_1149W.dll

2012-12-07 08:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A799F2D-49BD-408D-B9FD-B7922F014CC0}\mpengine.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-15 21:38 . 2012-07-17 23:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-15 21:38 . 2012-07-17 23:19 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts

2012-10-16 07:39 . 2012-11-28 00:48 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 20:15 . 2012-10-10 20:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-10 20:15 . 2012-10-10 20:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-10 20:14 . 2012-10-10 20:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2012-10-10 20:14 . 2009-07-13 22:09 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-10-10 20:14 . 2012-10-10 20:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-10 20:14 . 2009-07-14 23:54 2428776 ----a-w- c:\windows\system32\nvapi.dll

2012-10-10 20:14 . 2012-10-10 20:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-10 20:14 . 2012-10-10 20:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-10 20:14 . 2012-10-10 20:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2012-10-10 20:14 . 2011-08-13 22:43 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2012-10-10 20:14 . 2012-10-10 20:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-10 20:14 . 2012-10-10 20:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll

2012-10-09 17:40 . 2012-11-14 12:21 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-14 12:21 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-03 16:58 . 2012-11-14 12:21 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 16:42 . 2012-11-14 12:21 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 16:42 . 2012-11-14 12:21 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 16:42 . 2012-11-14 12:21 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 16:42 . 2012-11-14 12:21 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 16:42 . 2012-11-14 12:21 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 16:40 . 2012-11-14 12:21 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 15:21 . 2012-11-14 12:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-10-02 19:29 . 2010-10-16 11:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:29 . 2011-08-12 08:58 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2012-10-02 19:29 . 2010-10-16 11:42 108392 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:29 . 2009-07-14 11:29 62312 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:29 . 2010-10-16 11:42 2853224 ----a-w- c:\windows\system32\nvsvc.dll

2012-10-02 19:28 . 2010-10-16 11:42 3965288 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe

2012-09-25 22:47 . 2012-11-14 12:21 78336 ----a-w- c:\windows\system32\synceng.dll

2012-09-24 21:16 . 2012-10-25 06:31 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

1999-06-25 07:55 . 2008-05-09 14:22 149504 ----a-w- c:\program files\UNWISE.EXE

2012-11-29 08:26 . 2012-12-05 22:52 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-28 39408]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192]

"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-03 161336]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]

"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-09-14 215360]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

.

c:\users\Ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]

backup=c:\windows\pss\PDFCreator.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Ludo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]

2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]

2011-05-13 14:27 884584 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2007-10-08 22:19 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2011-05-13 15:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport]

2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2012-10-02 19:29 108392 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2012-10-02 19:29 2853224 ----a-w- c:\windows\System32\nvsvc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-11-14 14:50 4706304 ----a-w- c:\windows\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]

2007-02-09 13:54 16896 ----a-w- c:\program files\GoogleEULA\EULALauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]

2007-10-19 16:42 155648 ----a-w- c:\program files\HomeCinema\TV Enhance\TVEService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

2010-11-20 12:20 859648 ----a-w- c:\windows\System32\OobeFldr.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]

2006-09-20 07:35 20480 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe

.

R2 gupdate1c9f90f25e0dfb8;Google Updateservice (gupdate1c9f90f25e0dfb8);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 MSR Service;Virtual Disk Service Manager;c:\program files\Clarus\Samsung SecretZone\MSSvc.exe [x]

R2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [x]

R2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [x]

R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [x]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x]

R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys [x]

R3 OXSDIDRV_x32;Oxford Semi eSATA Filter (x32);c:\windows\system32\DRIVERS\OXSDIDRV_x32.sys [x]

R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X32.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [x]

R4 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]

R4 MpKsl03370312;MpKsl03370312;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl03370312.sys [x]

R4 MpKsl035317aa;MpKsl035317aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D4B61E3-255E-4C75-AC01-B88E4320087E}\MpKsl035317aa.sys [x]

R4 MpKsl0b7e66dc;MpKsl0b7e66dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27996703-9CDD-4146-B5F9-9DA9E80A824C}\MpKsl0b7e66dc.sys [x]

R4 MpKsl1b904031;MpKsl1b904031;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl1b904031.sys [x]

R4 MpKsl2d35253d;MpKsl2d35253d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A3AB075-532A-4AB9-BA58-BDB9C9535599}\MpKsl2d35253d.sys [x]

R4 MpKsl52d2512a;MpKsl52d2512a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKsl52d2512a.sys [x]

R4 MpKsl75a794c6;MpKsl75a794c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94810CF2-A2C3-40AA-9318-2A6BD12F9F80}\MpKsl75a794c6.sys [x]

R4 MpKsl75b08b33;MpKsl75b08b33;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D65724E6-01F8-4B8A-BA77-189E6F21FD85}\MpKsl75b08b33.sys [x]

R4 MpKsl8cf43cdb;MpKsl8cf43cdb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F5A7877-AF4D-4AD7-808A-8C9581650AEC}\MpKsl8cf43cdb.sys [x]

R4 MpKslc93cedb2;MpKslc93cedb2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{421A61CA-153C-4A30-9B04-42FC3756D02A}\MpKslc93cedb2.sys [x]

R4 MpKsle580181c;MpKsle580181c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B3F112D-17D8-4E3E-BCE5-9B1A6F11ADCE}\MpKsle580181c.sys [x]

R4 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R4 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R4 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R4 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [x]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [x]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

*Deregistered* - pavboot

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

GPSvcGroup REG_MULTI_SZ GPSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-20 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-18 21:55]

.

2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12]

.

2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:12]

.

2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001Core.job

- c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52]

.

2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2105529871-2663039784-3143822886-1001UA.job

- c:\users\Ludo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 09:52]

.

2012-12-21 c:\windows\Tasks\USNLZSJ.job

- c:\windows\system32\C_1149W.dll [2012-12-10 08:28]

.

.

------- Bijkomende Scan -------

.

uStart Page = about:blank

mSearch Bar = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

Trusted Zone: dexia.be

Trusted Zone: dexia.be\directnet

Trusted Zone: exact.nl

Trusted Zone: exactonline.be

Trusted Zone: exactonline.be\start

Trusted Zone: fortuneo.be\www

TCP: DhcpNameServer = 192.168.2.254

FF - ProfilePath - c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=F9A8E3AD7E1C78DC700BC3508F36C877

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - ExtSQL: 2012-10-29 18:42; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2012-10-30 03:09; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]

"DisplayName"="Microsoft ActiveSync"

"Name"="ActiveSync"

"Order"=dword:00000001

"Param1"="ActiveSync"

"State"=dword:00000013

"Type"="wellknown"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]

"Name"="IESettings"

"Order"=dword:00000004

"State"=dword:00000003

"Type"="IESettings"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]

"Name"="MediaFiles"

"Order"=dword:00000003

"State"=dword:00000003

"Type"="MediaFiles"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW]

"Name"="NPW"

"Order"=dword:00000002

"Param1"="NPW"

"State"=dword:00000003

"Type"="wellknown"

.

[HKEY_USERS\S-1-5-21-2105529871-2663039784-3143822886-1001\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]

"DisplayName"="Microsoft Outlook"

"Name"="Outlook"

"Order"=dword:00000000

"Param1"="Outlook"

"State"=dword:00000020

"Type"="wellknown"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-21 11:31:08

ComboFix-quarantined-files.txt 2012-12-21 10:31

ComboFix2.txt 2012-12-21 00:10

ComboFix3.txt 2012-12-19 20:47

.

Pre-Run: 85 380 571 136 bytes beschikbaar

Post-Run: 85 327 106 048 bytes beschikbaar

.

- - End Of File - - D7803692BBDA61DEDE1CE46C00286CA2

- - - Updated - - -

Oops, I hadn't seen your new message yet!

Since I ran ComboFix yesterday without disabling my virus scanner, I ran it again.

Sorry!

I will now run ADWCleaner as you indicated.

Thanks for the help so far.

See you later.

Posted:

# AdwCleaner v2.101 - Verslag gemaakt op 21/12/2012 om 11:48:55

# Geactualiseerd op 16/12/2012 door Xplode

# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)

# Gebruiker : Ludo - PC_VAN_LUDO

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Ludo\Desktop\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Verwijdert : C:\Program Files\Ask.com

Map Verwijdert : C:\ProgramData\Trymedia

Map Verwijdert : C:\Users\Ludo\AppData\Local\AskToolbar

Map Verwijdert : C:\Users\Ludo\AppData\LocalLow\boost_interprocess

Map Verwijdert : C:\Users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\Conduit

Map Verwijdert : C:\Users\Ludo\AppData\Roaming\OpenCandy

Map Verwijdert : C:\Users\Ludo\AppData\Roaming\pdfforge

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\b

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escrtBtn.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v17.0.1 (nl)

Profielnaam : default

File : C:\Users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\prefs.js

C:\Users\Ludo\AppData\Roaming\Mozilla\Firefox\Profiles\qn8j0uwz.default\user.js ... Verwijdert !

Verwijdert : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Verwijdert : user_pref("CT2438727.CTID", "CT2438727");

Verwijdert : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");

Verwijdert : user_pref("CT2438727.CurrentServerDate", "11-8-2010");

Verwijdert : user_pref("CT2438727.DialogsAlignMode", "LTR");

Verwijdert : user_pref("CT2438727.DownloadReferralCookieData", "");

Verwijdert : user_pref("CT2438727.FirstServerDate", "26-6-2010");

Verwijdert : user_pref("CT2438727.FirstTime", true);

Verwijdert : user_pref("CT2438727.FirstTimeFF3", true);

Verwijdert : user_pref("CT2438727.FirstTimeSettingsDone", true);

Verwijdert : user_pref("CT2438727.GroupingInvalidateCache", false);

Verwijdert : user_pref("CT2438727.GroupingLastCheckTime", "0");

Verwijdert : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");

Verwijdert : user_pref("CT2438727.GroupingServerCheckInterval", 1440);

Verwijdert : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Verwijdert : user_pref("CT2438727.Initialize", true);

Verwijdert : user_pref("CT2438727.InitializeCommonPrefs", true);

Verwijdert : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);

Verwijdert : user_pref("CT2438727.InstalledDate", "Fri Jun 25 2010 23:27:10 GMT+0200 (Romance (zomertijd))");

Verwijdert : user_pref("CT2438727.InvalidateCache", false);

Verwijdert : user_pref("CT2438727.IsGrouping", false);

Verwijdert : user_pref("CT2438727.IsMulticommunity", false);

Verwijdert : user_pref("CT2438727.IsOpenThankYouPage", true);

Verwijdert : user_pref("CT2438727.IsOpenUninstallPage", true);

Verwijdert : user_pref("CT2438727.LanguagePackLastCheckTime", "Wed Aug 11 2010 08:36:08 GMT+0200 (Romance (zomert[...]

Verwijdert : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);

Verwijdert : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Verwijdert : user_pref("CT2438727.LastLogin_2.5.8.6", "Tue Jul 20 2010 19:20:57 GMT+0200 (Romance (zomertijd))");

Verwijdert : user_pref("CT2438727.LastLogin_2.7.1.3", "Wed Aug 11 2010 20:36:08 GMT+0200 (Romance (zomertijd))");

Verwijdert : user_pref("CT2438727.LatestVersion", "2.7.1.3");

Verwijdert : user_pref("CT2438727.Locale", "en");

Verwijdert : user_pref("CT2438727.LoginCache", 4);

Verwijdert : user_pref("CT2438727.MCDetectTooltipHeight", "83");

Verwijdert : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Verwijdert : user_pref("CT2438727.MCDetectTooltipWidth", "295");

Verwijdert : user_pref("CT2438727.RadioLastCheckTime", "0");

Verwijdert : user_pref("CT2438727.RadioLastUpdateIPServer", "0");

Verwijdert : user_pref("CT2438727.RadioLastUpdateServer", "0");

Verwijdert : user_pref("CT2438727.SHRINK_TOOLBAR", 1);

Verwijdert : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]

Verwijdert : user_pref("CT2438727.SearchFromAddressBarIsInit", true);

Verwijdert : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]

Verwijdert : user_pref("CT2438727.SearchInNewTabEnabled", true);

Verwijdert : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);

Verwijdert : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Wed Aug 11 2010 21:18:09 GMT+0200 (Romance (zome[...]

Verwijdert : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Verwijdert : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]

Verwijdert : user_pref("CT2438727.SettingsCheckIntervalMin", 120);

Verwijdert : user_pref("CT2438727.SettingsLastCheckTime", "Wed Aug 11 2010 19:43:46 GMT+0200 (Romance (zomertijd)[...]

Verwijdert : user_pref("CT2438727.SettingsLastUpdate", "1280964427");

Verwijdert : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);

Verwijdert : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Tue Aug 10 2010 20:02:56 GMT+0200 (Romance (zo[...]

Verwijdert : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1278548974");

Verwijdert : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]

Verwijdert : user_pref("CT2438727.UserID", "UN28179037069844472");

Verwijdert : user_pref("CT2438727.ValidationData_Toolbar", 2);

Verwijdert : user_pref("CT2438727.alertChannelId", "832836");

Verwijdert : user_pref("CT2438727.clientLogIsEnabled", false);

Verwijdert : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]

Verwijdert : user_pref("CT2438727.myStuffEnabled", true);

Verwijdert : user_pref("CT2438727.myStuffPublihserMinWidth", 400);

Verwijdert : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Verwijdert : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);

Verwijdert : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Verwijdert : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]

Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]

Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");

Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");

Verwijdert : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);

Verwijdert : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Aug 11 2010 21:43:46 GMT+0200 (Roman[...]

Verwijdert : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Verwijdert : user_pref("CommunityToolbar.alert.locale", "en");

Verwijdert : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Verwijdert : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Aug 11 2010 21:18:09 GMT+0200 (Romance ([...]

Verwijdert : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1276093853");

Verwijdert : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Verwijdert : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Verwijdert : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Verwijdert : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Verwijdert : user_pref("CommunityToolbar.alert.userId", "{45b12261-5635-47f4-b643-fbc3ec92785f}");

Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Verwijdert : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");

Verwijdert : user_pref("browser.search.order.1", "Search the web (Babylon)");

Verwijdert : user_pref("extensions.BabylonToolbar.admin", false);

Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Verwijdert : user_pref("extensions.BabylonToolbar.babExt", "");

Verwijdert : user_pref("extensions.BabylonToolbar.babTrack", "affID=107763");

Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 2);

Verwijdert : user_pref("extensions.BabylonToolbar.dfltSrch", false);

Verwijdert : user_pref("extensions.BabylonToolbar.hmpg", false);

Verwijdert : user_pref("extensions.BabylonToolbar.id", "ce50de3d000000000000001167000000");

Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15309");

Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 2);

Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1723:45:22");

Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "8.0");

Verwijdert : user_pref("extensions.BabylonToolbar.newTab", true);

Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");

Verwijdert : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);

Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 61342229);

Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 1);

Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Verwijdert : user_pref("extensions.BabylonToolbar.ptch_0717", true);

Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "none");

Verwijdert : user_pref("extensions.BabylonToolbar.srcExt", "ss");

Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "base");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1723:45:22");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Ludo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [11598 octets] - [21/12/2012 11:48:55]

########## EOF - C:\AdwCleaner[s1].txt - [11659 octets] ##########

- - - Updated - - -

Problem not solved yet.

In IE9 I am redirected in Google to:

http://worddictionary.com.au/?utm_source=aip&utm_medium=optional&utm_term=optional&utm_content=optional&utm_campaign=CampaignName

Posted:

You don't need to e-mail the files; I only needed the names of the files to check whether the MVPS hosts procedure from post no. 4 had been carried out correctly.

The procedure was carried out correctly.

Can you reset IE to its default settings?

- Open Internet Explorer.

- Press the Alt key on your keyboard. A menu appears.

- Go to the Tools menu (Extra) and choose Internet Options (Internetopties).

- On the Advanced tab (Geavanceerd), click the Reset... button (Opnieuw instellen...) at the bottom.

- Click Reset (Opnieuw instellen) once more.

- Click Close (Sluiten) and restart Internet Explorer.

Note:

The above procedure can also be done fully automatically by downloading and running this program: reset IE to default settings (click on it).

More information about resetting IE can be found here.
