Windows Explorer error


I have been having trouble with a Windows Explorer error for a few days now. I have already tried every option there is and I can't figure it out anymore.

What I have already used: malware, Hijack, restore, etc.

Maybe you can find something. I think Baylon is the problem, but I can't get rid of it; it keeps coming back.

Below are my HijackThis files; maybe you have a better view of what is wrong.

Kind regards,

Mike

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:55:58, on 18-12-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\vsnp2uvc.exe

C:\Users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

C:\Users\Mike\Downloads\HijackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)

O4 - HKUS\S-1-5-21-2353280605-2388377470-476608550-1000\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser')

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\fshoster32.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 7455 bytes


Hello Mike,

Welcome to PCH!

  1. Start HijackThis. Select “Scan”. Select only the items listed below:
    O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
    O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
    Click 'Fix checked' to remove the items.
    Note: Windows Vista & 7 users must run HijackThis as “administrator” by right-clicking and choosing “Run as administrator”. If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.
  2. Download ComboFix from one of these locations:
    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop
    1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
    Click here
    2. The computer may need to be restarted several times; this is normal.
    3. Double-click "Combofix.exe" to start the tool.
    4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.
    Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.
    5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


OK, I have removed it. Here are the ComboFix files.

ComboFix 12-12-19.01 - Mike 19-12-2012 13:15:11.2.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6049.4452 [GMT 1:00]

Gestart vanuit: c:\users\Mike\Downloads\ComboFix.exe

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 ))))))))))))))))))))))))))))))

.

.

2012-12-19 12:21 . 2012-12-19 12:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-19 12:21 . 2012-12-19 12:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-18 19:43 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76252772-5675-4F19-A8D8-08DDBE610245}\mpengine.dll

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\programdata\Malwarebytes

2012-12-17 19:45 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-12 19:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-12 19:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-12-12 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll

2012-12-12 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

2012-12-12 16:33 . 2012-12-12 16:33 -------- d-----w- c:\users\Mike\AppData\Local\Adobe

2012-12-12 16:32 . 2012-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-12-04 19:58 . 2012-12-07 02:46 -------- d-----w- c:\programdata\Browser Manager

2012-12-04 12:20 . 2012-12-17 19:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-12-04 12:20 . 2012-12-12 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-12-04 12:15 . 2012-12-12 17:55 -------- d-----w- c:\program files (x86)\F-Secure

2012-12-04 12:11 . 2012-12-04 12:15 -------- d-----w- c:\programdata\F-Secure

2012-12-03 16:12 . 2012-12-03 16:12 -------- d-----w- c:\program files (x86)\MocaFlix

2012-12-03 16:12 . 2012-12-03 16:12 -------- d-----w- c:\programdata\Premium

2012-12-03 16:12 . 2012-12-18 10:46 -------- d-----w- c:\programdata\SaveAs

2012-12-03 16:11 . 2012-12-03 16:13 -------- d-----w- c:\programdata\InstallMate

2012-11-29 20:57 . 2012-12-04 09:21 -------- d-----w- c:\program files (x86)\GoforFiles

2012-11-29 20:57 . 2012-11-29 20:57 -------- d-----w- c:\users\Mike\AppData\Roaming\GoforFiles

2012-11-28 17:47 . 2012-12-10 10:55 -------- d-----w- c:\programdata\Tarma Installer

2012-11-28 17:47 . 2012-12-04 20:00 -------- d-----w- c:\program files (x86)\TornTV.com

2012-11-28 17:41 . 2012-11-28 17:42 -------- d-----w- c:\users\Mike\AppData\Local\DownTango

2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\Red Sky

2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab

2012-11-19 18:42 . 2012-12-03 14:53 -------- d-----r- c:\users\Mike\Dropbox

2012-11-19 17:48 . 2012-12-17 18:46 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox

2012-11-19 14:01 . 2012-11-19 14:01 -------- d-----w- C:\found.000

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-19 12:11 . 2012-09-03 04:16 45056 ----a-w- c:\windows\system32\acovcnt.exe

2012-12-13 15:58 . 2012-09-07 04:21 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-11-09 08:39 . 2012-11-09 08:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-09 08:39 . 2012-11-08 09:09 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-11-09 08:39 . 2012-11-08 09:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-11-05 19:09 . 2012-11-05 19:09 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-10-16 08:38 . 2012-11-27 23:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-27 23:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-27 23:22 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc

2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll

2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll

2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe

2012-10-10 01:22 . 2012-10-10 01:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc

2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll

2012-10-10 01:22 . 2012-10-10 01:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll

2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll

2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc

2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc

2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll

2012-10-10 01:22 . 2011-07-12 03:29 12836864 ----a-w- c:\windows\system32\igd10umd64.dll

2012-10-10 01:22 . 2011-07-12 03:29 110592 ----a-w- c:\windows\system32\hccutils.dll

2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll

2012-10-10 01:22 . 2011-07-12 03:29 12604416 ----a-w- c:\windows\system32\igdumd64.dll

2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc

2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll

2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys

2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll

2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc

2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe

2012-10-10 01:22 . 2012-10-10 01:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin

2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl

2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll

2012-10-10 01:22 . 2011-07-12 03:29 63488 ----a-w- c:\windows\system32\igfxsrvc.dll

2012-10-10 01:22 . 2011-07-12 03:29 9007616 ----a-w- c:\windows\system32\igfxress.dll

2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll

2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll

2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc

2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc

2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe

2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe

2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll

2012-10-10 01:22 . 2012-10-10 01:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll

2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc

2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc

2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe

2012-10-10 01:22 . 2011-07-12 03:29 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe

2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc

2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc

2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc

2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll

2012-10-10 01:22 . 2012-10-10 01:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin

2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll

2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll

2012-10-10 01:22 . 2012-10-10 01:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc

2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc

2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc

2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll

2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe

2012-10-10 01:22 . 2011-07-12 03:29 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc

2012-10-09 18:17 . 2012-11-15 05:11 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 05:11 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 05:11 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 05:11 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

2012-10-09 16:09 . 2012-09-03 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 16:09 . 2012-09-03 08:37 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-09 15:35 . 2012-09-03 04:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2012-10-09 15:35 . 2012-09-03 04:14 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 10:42 . 2012-09-03 03:52 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi2"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-05 1255736]

R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]

R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]

R4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]

R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]

R4 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-05 2403352]

R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R4 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]

R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]

R4 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-08-28 188760]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-05 30568]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe [2012-10-19 183864]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-05 711112]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]

S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]

S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 16:09]

.

2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001Core.job

- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04]

.

2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001UA.job

- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04]

.

2012-12-19 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-09-18 18:22]

.

2012-12-19 c:\windows\Tasks\SpeedUpMyPC.job

- c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2012-09-16 18:44]

.

2012-12-19 c:\windows\Tasks\spmonitor.job

- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-16 18:44]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]

"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]

"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]

"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]

"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SYSTEM32\blank.htm

TCP: DhcpNameServer = 10.0.104.10 10.0.104.12 10.0.104.13

FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\

FF - prefs.js: browser.search.defaulturl - hxxp://websearch.mocaflix.com/?l=1&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://google.nl/

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B9f8edb98-7e0f-4016-b856-92139e8692c6%7D&mid=&ds=&v=13.2.0.5&lang=&pr=&d=2012-11-19%2012%3A32%3A51&sap=ku&q=

FF - ExtSQL: 2012-11-05 20:09; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5

FF - ExtSQL: 2012-11-28 18:47; torntv@torntv.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com.xpi

FF - ExtSQL: 2012-12-03 17:26; 50bcd2c768e4c@50bcd2c768e85.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50bcd2c768e85.com

FF - ExtSQL: 2012-12-04 20:58; plugin@yontoo.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyOixHaUC&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - 98be2cd90000000000005404a61f5d88

FF - user.js: extensions.incredibar_i.instlDay - 15599

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1415:29

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyOixHaUC

FF - user.js: extensions.incredibar_i.upn2n - 92262116453516502

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10671

FF - user.js: extensions.incredibar_i.ppd - 7777743

FF - user.js: extentions.y2layers.installId - f85293e5-0d7b-403f-9963-8849c7766698

FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers

FF - user.js: extensions.autoDisableScopes - 14

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=98be2cd90000000000005404a61f5d88&q=

FF - user.js: extensions.BabylonToolbar.id - 98be2cd90000000000005404a61f5d88

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15678

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.920:58

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar_i.excTlbr - false

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109220&tt=4912_8

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar.autoRvrt - false

FF - user.js: extensions.BabylonToolbar.rvrt - false

FF - user.js: extensions.BabylonToolbar_i.newTab - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

AddRemove-1ClickDownload - c:\program files (x86)\TornTV.com\uninst.exe

AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]

"ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected]

@Denied: ) (Everyone)

"AgentIdentifier"=""

"AuthorizationCode"=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-19 13:23:37

ComboFix-quarantined-files.txt 2012-12-19 12:23

ComboFix2.txt 2012-12-19 12:06

.

Pre-Run: 370.777.161.728 bytes beschikbaar

Post-Run: 370.476.658.688 bytes beschikbaar

.

- - End Of File - - F58A2417639174E43F791CC3CC85DC97

Edited by MikeSchellaars

Download AdwCleaner by Xplode to your desktop.

  • Close all open windows.
  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete.
  • In the AdwCleaner – Information window, click OK.
  • In the AdwCleaner – Restart Required window, click OK.

It is normal for the shortcuts to disappear during this action. After the PC has restarted, a log file opens. Post the contents of this log in your next message, together with a new ComboFix log.


ComboFix 12-12-19.01 - Mike 19-12-2012 14:59:58.3.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6049.4470 [GMT 1:00]

Gestart vanuit: c:\users\Mike\Downloads\ComboFix.exe

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml

c:\windows\msvcr71.dll

c:\windows\wininit.ini

.

Besmet exemplaar van c:\windows\SysWow64\userinit.exe werd aangetroffen en gedesinfecteerd

Hersteld exemplaar van - c:\windows\erdnt\cache86\userinit.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 ))))))))))))))))))))))))))))))

.

.

2012-12-19 14:06 . 2012-12-19 14:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-19 14:06 . 2012-12-19 14:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-18 19:43 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76252772-5675-4F19-A8D8-08DDBE610245}\mpengine.dll

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\programdata\Malwarebytes

2012-12-17 19:45 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-12 19:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-12 19:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-12-12 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll

2012-12-12 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

2012-12-12 16:33 . 2012-12-12 16:33 -------- d-----w- c:\users\Mike\AppData\Local\Adobe

2012-12-12 16:32 . 2012-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-12-04 12:20 . 2012-12-17 19:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-12-04 12:20 . 2012-12-12 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-12-04 12:15 . 2012-12-12 17:55 -------- d-----w- c:\program files (x86)\F-Secure

2012-12-04 12:11 . 2012-12-04 12:15 -------- d-----w- c:\programdata\F-Secure

2012-11-29 20:57 . 2012-12-04 09:21 -------- d-----w- c:\program files (x86)\GoforFiles

2012-11-29 20:57 . 2012-11-29 20:57 -------- d-----w- c:\users\Mike\AppData\Roaming\GoforFiles

2012-11-28 17:47 . 2012-12-04 20:00 -------- d-----w- c:\program files (x86)\TornTV.com

2012-11-28 17:41 . 2012-11-28 17:42 -------- d-----w- c:\users\Mike\AppData\Local\DownTango

2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\Red Sky

2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab

2012-11-19 18:42 . 2012-12-03 14:53 -------- d-----r- c:\users\Mike\Dropbox

2012-11-19 17:48 . 2012-12-17 18:46 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-19 14:07 . 2012-09-03 04:16 45056 ----a-w- c:\windows\system32\acovcnt.exe

2012-12-13 15:58 . 2012-09-07 04:21 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-11-09 08:39 . 2012-11-09 08:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-09 08:39 . 2012-11-08 09:09 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-11-09 08:39 . 2012-11-08 09:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-11-05 19:09 . 2012-11-05 19:09 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-10-16 08:38 . 2012-11-27 23:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-27 23:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-27 23:22 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc

2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll

2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll

2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe

2012-10-10 01:22 . 2012-10-10 01:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc

2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll

2012-10-10 01:22 . 2012-10-10 01:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll

2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll

2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc

2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc

2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll

2012-10-10 01:22 . 2011-07-12 03:29 12836864 ----a-w- c:\windows\system32\igd10umd64.dll

2012-10-10 01:22 . 2011-07-12 03:29 110592 ----a-w- c:\windows\system32\hccutils.dll

2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll

2012-10-10 01:22 . 2011-07-12 03:29 12604416 ----a-w- c:\windows\system32\igdumd64.dll

2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc

2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll

2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys

2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll

2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc

2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe

2012-10-10 01:22 . 2012-10-10 01:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin

2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl

2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll

2012-10-10 01:22 . 2011-07-12 03:29 63488 ----a-w- c:\windows\system32\igfxsrvc.dll

2012-10-10 01:22 . 2011-07-12 03:29 9007616 ----a-w- c:\windows\system32\igfxress.dll

2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll

2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll

2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc

2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc

2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe

2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe

2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll

2012-10-10 01:22 . 2012-10-10 01:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll

2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc

2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc

2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe

2012-10-10 01:22 . 2011-07-12 03:29 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe

2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc

2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc

2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc

2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll

2012-10-10 01:22 . 2012-10-10 01:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin

2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll

2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll

2012-10-10 01:22 . 2012-10-10 01:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc

2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc

2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc

2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll

2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe

2012-10-10 01:22 . 2011-07-12 03:29 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc

2012-10-09 18:17 . 2012-11-15 05:11 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 05:11 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 05:11 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 05:11 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

2012-10-09 16:09 . 2012-09-03 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 16:09 . 2012-09-03 08:37 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-09 15:35 . 2012-09-03 04:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2012-10-09 15:35 . 2012-09-03 04:14 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 10:42 . 2012-09-03 03:52 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi2"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-05 1255736]

R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]

R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]

R4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]

R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]

R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R4 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]

R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-05 30568]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe [2012-10-19 183864]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-05 711112]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]

S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]

S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 16:09]

.

2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001Core.job

- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04]

.

2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001UA.job

- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04]

.

2012-12-19 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-09-18 18:22]

.

2012-12-19 c:\windows\Tasks\SpeedUpMyPC.job

- c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2012-09-16 18:44]

.

2012-12-19 c:\windows\Tasks\spmonitor.job

- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-16 18:44]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]

"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]

"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]

"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]

"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SYSTEM32\blank.htm

TCP: DhcpNameServer = 10.0.104.10 10.0.104.12 10.0.104.13

FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://google.nl/

FF - ExtSQL: 2012-11-05 20:09; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5

FF - ExtSQL: 2012-11-28 18:47; torntv@torntv.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com.xpi

FF - ExtSQL: 2012-12-03 17:26; 50bcd2c768e4c@50bcd2c768e85.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50bcd2c768e85.com

FF - ExtSQL: 2012-12-04 20:58; plugin@yontoo.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

AddRemove-1ClickDownload - c:\program files (x86)\TornTV.com\uninst.exe

AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]

"ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected]

@Denied: ) (Everyone)

"AgentIdentifier"=""

"AuthorizationCode"=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe

c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

c:\users\Mike\AppData\Local\Pokki\v0.260.8.396\pokki.exe

.

**************************************************************************

.

Voltooingstijd: 2012-12-19 15:11:16 - machine werd herstart

ComboFix-quarantined-files.txt 2012-12-19 14:11

ComboFix2.txt 2012-12-19 12:23

ComboFix3.txt 2012-12-19 12:06

.

Pre-Run: 370.554.982.400 bytes beschikbaar

Post-Run: 370.468.159.488 bytes beschikbaar

.

- - End Of File - - FEEAB525FA6E8237E985589FFB09CA08

# AdwCleaner v2.101 - Verslag gemaakt op 19/12/2012 om 14:55:24

# Geactualiseerd op 16/12/2012 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruiker : Mike - MIKE-PC

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Mike\Downloads\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

Gestopt & Verwijdert : Browser Manager

Gestopt & Verwijdert : Web Assistant Updater

***** [Files / Mappen] *****

File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

File Verwijdert : C:\user.js

File Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\bprotector_extensions.sqlite

File Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\bprotector_prefs.js

File Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\searchplugins\mngr.xml

Map Verwijdert : C:\Program Files (x86)\AVG Secure Search

Map Verwijdert : C:\Program Files (x86)\Conduit

Map Verwijdert : C:\Program Files (x86)\FilesFrog Update Checker

Map Verwijdert : C:\Program Files (x86)\MocaFlix

Map Verwijdert : C:\Program Files (x86)\Perion

Map Verwijdert : C:\Program Files\Web Assistant

Map Verwijdert : C:\ProgramData\Anti-phishing Domain Advisor

Map Verwijdert : C:\ProgramData\AVG Secure Search

Map Verwijdert : C:\ProgramData\blekko toolbars

Map Verwijdert : C:\ProgramData\Browser Manager

Map Verwijdert : C:\ProgramData\InstallMate

Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs

Map Verwijdert : C:\ProgramData\Partner

Map Verwijdert : C:\ProgramData\Premium

Map Verwijdert : C:\ProgramData\SaveAs

Map Verwijdert : C:\ProgramData\Tarma Installer

Map Verwijdert : C:\Users\Mike\AppData\Local\AVG Secure Search

Map Verwijdert : C:\Users\Mike\AppData\Local\Conduit

Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn

Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

Map Verwijdert : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohd****efph

Map Verwijdert : C:\Users\Mike\AppData\LocalLow\AVG Secure Search

Map Verwijdert : C:\Users\Mike\AppData\LocalLow\BabylonToolbar

Map Verwijdert : C:\Users\Mike\AppData\LocalLow\Conduit

Map Verwijdert : C:\Users\Mike\AppData\LocalLow\SaveAs

Map Verwijdert : C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\CT2849859

Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com

Map Verwijdert : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\Smartbar

Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\AVG Secure Search

Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKCU\Software\Somoto

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

Sleutel Verwijdert : HKLM\Software\AVG Secure Search

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\b

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2849859

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Sleutel Verwijdert : HKLM\Software\DataMngr

Sleutel Verwijdert : HKLM\Software\Iminent

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Sleutel Verwijdert : HKLM\Software\Web Assistant

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e4eb48d

Sleutel Verwijdert : HKLM\SOFTWARE\Web Assistant

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]

Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]

Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profielnaam : default

File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\prefs.js

C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\user.js ... Verwijdert !

Verwijdert : user_pref("CT2849859.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");

Verwijdert : user_pref("CT2849859.FirstTime", "true");

Verwijdert : user_pref("CT2849859.FirstTimeFF3", "true");

Verwijdert : user_pref("CT2849859.RevertSettingsEnabled", true);

Verwijdert : user_pref("CT2849859.UserID", "UN85796985077481378");

Verwijdert : user_pref("CT2849859.fixUrls", true);

Verwijdert : user_pref("CT2849859.isCheckedStartAsHidden", true);

Verwijdert : user_pref("CT2849859.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");

Verwijdert : user_pref("CT2849859.isFirstTimeToolbarLoading", "false");

Verwijdert : user_pref("CT2849859.isPerformedSmartBarTransition", "true");

Verwijdert : user_pref("CT2849859.migrateAppsAndComponents", true);

Verwijdert : user_pref("CT2849859.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]

Verwijdert : user_pref("CT2849859.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

Verwijdert : user_pref("CT2849859.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");

Verwijdert : user_pref("CT2849859.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]

Verwijdert : user_pref("CT2849859.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]

Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]

Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]

Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]

Verwijdert : user_pref("CT2849859.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]

Verwijdert : user_pref("CT2849859.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1353325013717");

Verwijdert : user_pref("CT2849859.serviceLayer_services_appsMetadata_lastUpdate", "1353324800329");

Verwijdert : user_pref("CT2849859.serviceLayer_services_clientErrorLog_lastUpdate", "1353333986162");

Verwijdert : user_pref("CT2849859.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1353324893521");

Verwijdert : user_pref("CT2849859.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1353324893626");

Verwijdert : user_pref("CT2849859.serviceLayer_services_searchAPI_lastUpdate", "1353324893714");

Verwijdert : user_pref("CT2849859.serviceLayer_services_serviceMap_lastUpdate", "1355904373395");

Verwijdert : user_pref("CT2849859.serviceLayer_services_toolbarContextMenu_lastUpdate", "1353324893495");

Verwijdert : user_pref("CT2849859.serviceLayer_services_toolbarSettings_lastUpdate", "1355920050081");

Verwijdert : user_pref("CT2849859.serviceLayer_services_translation_lastUpdate", "1355904376671");

Verwijdert : user_pref("CT2849859.settingsINI", true);

Verwijdert : user_pref("CT2849859.smartbar.CTID", "CT2849859");

Verwijdert : user_pref("CT2849859.smartbar.Uninstall", "0");

Verwijdert : user_pref("CT2849859.smartbar.isHidden", true);

Verwijdert : user_pref("CT2849859.smartbar.toolbarName", "BittorrentBar_NL ");

Verwijdert : user_pref("CT2849859.startPage", "userChanged");

Verwijdert : user_pref("CT2849859.toolbarBornServerTime", "19-11-2012");

Verwijdert : user_pref("CT2849859.toolbarCurrentServerTime", "19-11-2012");

Verwijdert : user_pref("CT2849859_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]

Verwijdert : user_pref("aol_toolbar.default.homepage.check", false);

Verwijdert : user_pref("aol_toolbar.default.search.check", false);

Verwijdert : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\13.2.0.5");

Verwijdert : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=109220&tt=4912_8&babsrc=NT_ss&mntr[...]

Verwijdert : user_pref("browser.search.defaultenginename", "WebSearch");

Verwijdert : user_pref("browser.search.defaultenginename,S", "WebSearch");

Verwijdert : user_pref("browser.search.defaultthis.engineName", "WebSearch");

Verwijdert : user_pref("browser.search.defaulturl", "hxxp://websearch.mocaflix.com/?l=1&q=");

Verwijdert : user_pref("browser.search.order.1", "WebSearch");

Verwijdert : user_pref("browser.search.order.1,S", "WebSearch");

Verwijdert : user_pref("browser.search.selectedEngine,S", "WebSearch");

Verwijdert : user_pref("extensions.50bcd2c768ef8.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]

Verwijdert : user_pref("extensions.BabylonToolbar.admin", false);

Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Verwijdert : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

Verwijdert : user_pref("extensions.BabylonToolbar.autoRvrt", "false");

Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", "10");

Verwijdert : user_pref("extensions.BabylonToolbar.cntry", "NL");

Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Verwijdert : user_pref("extensions.BabylonToolbar.dpkLst", "");

Verwijdert : user_pref("extensions.BabylonToolbar.excTlbr", false);

Verwijdert : user_pref("extensions.BabylonToolbar.hdrMd5", "54DB6BA63E7B7D635D6C967693C89A8E");

Verwijdert : user_pref("extensions.BabylonToolbar.id", "98be2cd90000000000005404a61f5d88");

Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15678");

Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Verwijdert : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"59\",\"lastVrsn\":\"59\",\"vrsnLoad\[...]

Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0);

Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Verwijdert : user_pref("extensions.BabylonToolbar.rvrt", "false");

Verwijdert : user_pref("extensions.BabylonToolbar.sg", "azb");

Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "azb");

Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "base");

Verwijdert : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.8.4.9");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsni", "1.8.4.9");

Verwijdert : user_pref("extensions.BabylonToolbar_i.babExt", "");

Verwijdert : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109220&tt=4912_8");

Verwijdert : user_pref("extensions.BabylonToolbar_i.excTlbr", false);

Verwijdert : user_pref("extensions.BabylonToolbar_i.newTab", false);

Verwijdert : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109220&tt=4812_[...]

Verwijdert : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Verwijdert : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Verwijdert : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.4.920:58:18");

Verwijdert : user_pref("extensions.incredibar.actvtyRptTime", "1354184343347");

Verwijdert : user_pref("extensions.incredibar.admin", false);

Verwijdert : user_pref("extensions.incredibar.aflt", "orgnl");

Verwijdert : user_pref("extensions.incredibar.afterInstallRpt", "sent");

Verwijdert : user_pref("extensions.incredibar.cntry", "NL");

Verwijdert : user_pref("extensions.incredibar.dfltlng", "EN");

Verwijdert : user_pref("extensions.incredibar.dfltsrch", "false");

Verwijdert : user_pref("extensions.incredibar.did", "10671");

Verwijdert : user_pref("extensions.incredibar.envrmnt", "production");

Verwijdert : user_pref("extensions.incredibar.excTlbr", false);

Verwijdert : user_pref("extensions.incredibar.hdrMd5", "51E3A2FAA72593ADA129E9358487B9F7");

Verwijdert : user_pref("extensions.incredibar.hmpg", false);

Verwijdert : user_pref("extensions.incredibar.hrdid", "98be2cd90000000000005404a61f5d88");

Verwijdert : user_pref("extensions.incredibar.id", "98be2cd90000000000005404a61f5d88");

Verwijdert : user_pref("extensions.incredibar.installerproductid", "26");

Verwijdert : user_pref("extensions.incredibar.instlday", "15599");

Verwijdert : user_pref("extensions.incredibar.instlref", "");

Verwijdert : user_pref("extensions.incredibar.isdcmntcmplt", "false");

Verwijdert : user_pref("extensions.incredibar.keywordurl", "");

Verwijdert : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:29:52");

Verwijdert : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

Verwijdert : user_pref("extensions.incredibar.newtab", "false");

Verwijdert : user_pref("extensions.incredibar.newtaburl", "");

Verwijdert : user_pref("extensions.incredibar.noFFXTlbr", false);

Verwijdert : user_pref("extensions.incredibar.ppd", "7777743");

Verwijdert : user_pref("extensions.incredibar.prdct", "incredibar");

Verwijdert : user_pref("extensions.incredibar.productid", "26");

Verwijdert : user_pref("extensions.incredibar.prtnrid", "Incredibar");

Verwijdert : user_pref("extensions.incredibar.sg", "none");

Verwijdert : user_pref("extensions.incredibar.smplgrp", "none");

Verwijdert : user_pref("extensions.incredibar.srch", "");

Verwijdert : user_pref("extensions.incredibar.srchprvdr", "");

Verwijdert : user_pref("extensions.incredibar.tlbrid", "base");

Verwijdert : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyOixHaUC&loc=IB_T[...]

Verwijdert : user_pref("extensions.incredibar.upn2", "6OyOixHaUC");

Verwijdert : user_pref("extensions.incredibar.upn2n", "92262116453516502");

Verwijdert : user_pref("extensions.incredibar.vrsn", "1.5.11.14");

Verwijdert : user_pref("extensions.incredibar.vrsni", "1.5.11.14");

Verwijdert : user_pref("extensions.incredibar.vrsnts", "1.5.11.1415:29:52");

Verwijdert : user_pref("extensions.incredibar_i.aflt", "orgnl");

Verwijdert : user_pref("extensions.incredibar_i.dfltLng", "");

Verwijdert : user_pref("extensions.incredibar_i.did", "10671");

Verwijdert : user_pref("extensions.incredibar_i.excTlbr", false);

Verwijdert : user_pref("extensions.incredibar_i.id", "98be2cd90000000000005404a61f5d88");

Verwijdert : user_pref("extensions.incredibar_i.installerproductid", "26");

Verwijdert : user_pref("extensions.incredibar_i.instlDay", "15599");

Verwijdert : user_pref("extensions.incredibar_i.instlRef", "");

Verwijdert : user_pref("extensions.incredibar_i.ms_url_id", "");

Verwijdert : user_pref("extensions.incredibar_i.newTab", false);

Verwijdert : user_pref("extensions.incredibar_i.ppd", "7777743");

Verwijdert : user_pref("extensions.incredibar_i.prdct", "incredibar");

Verwijdert : user_pref("extensions.incredibar_i.productid", "26");

Verwijdert : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

Verwijdert : user_pref("extensions.incredibar_i.smplGrp", "none");

Verwijdert : user_pref("extensions.incredibar_i.tlbrId", "base");

Verwijdert : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyOixHaUC&loc=IB[...]

Verwijdert : user_pref("extensions.incredibar_i.upn2", "6OyOixHaUC");

Verwijdert : user_pref("extensions.incredibar_i.upn2n", "92262116453516502");

Verwijdert : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

Verwijdert : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:29:52");

Verwijdert : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

Verwijdert : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B9f8edb98-7e0f-4016-b856-92139e8692c6%[...]

Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");

Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");

Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.mocaflix.com/");

Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.mocaflix.com/?l=1&q=");

Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");

Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");

Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");

Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "false");

Verwijdert : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://isearch.avg.com/[...]

Verwijdert : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://isearch.avg.[...]

Verwijdert : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [26622 octets] - [19/12/2012 14:55:24]

########## EOF - C:\AdwCleaner[s1].txt - [26683 octets] ##########


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com .xpi

c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50b cd2c768e85.com

c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com

Folder::

c:\program files (x86)\TornTV.com

c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe

This will restart ComboFix. Reboot if you are asked to.

If you want to see this illustrated in detail, click here for the guide.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 12-12-19.01 - Mike 19-12-2012 18:19:36.4.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6049.4478 [GMT 1:00]

Gestart vanuit: c:\users\Mike\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Mike\Desktop\CFScript..txt

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50b cd2c768e85.com"

"c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\plugin@yontoo.com"

"c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com .xpi"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\TornTV.com

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 ))))))))))))))))))))))))))))))

.

.

2012-12-19 17:27 . 2012-12-19 17:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-19 17:27 . 2012-12-19 17:27 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-18 19:43 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76252772-5675-4F19-A8D8-08DDBE610245}\mpengine.dll

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-12-17 19:45 . 2012-12-17 19:45 -------- d-----w- c:\programdata\Malwarebytes

2012-12-17 19:45 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-12 19:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-12 19:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-12-12 19:30 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll

2012-12-12 19:30 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

2012-12-12 16:33 . 2012-12-12 16:33 -------- d-----w- c:\users\Mike\AppData\Local\Adobe

2012-12-12 16:32 . 2012-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-12-04 12:20 . 2012-12-17 19:19 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-12-04 12:20 . 2012-12-12 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-12-04 12:15 . 2012-12-12 17:55 -------- d-----w- c:\program files (x86)\F-Secure

2012-12-04 12:11 . 2012-12-04 12:15 -------- d-----w- c:\programdata\F-Secure

2012-11-29 20:57 . 2012-12-04 09:21 -------- d-----w- c:\program files (x86)\GoforFiles

2012-11-29 20:57 . 2012-11-29 20:57 -------- d-----w- c:\users\Mike\AppData\Roaming\GoforFiles

2012-11-28 17:41 . 2012-11-28 17:42 -------- d-----w- c:\users\Mike\AppData\Local\DownTango

2012-11-28 17:41 . 2012-11-28 17:41 -------- d-----w- c:\program files (x86)\Red Sky

2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2012-11-21 11:58 . 2012-11-21 11:58 -------- d-----w- c:\users\Mike\AppData\Roaming\SystemRequirementsLab

2012-11-19 18:42 . 2012-12-03 14:53 -------- d-----r- c:\users\Mike\Dropbox

2012-11-19 17:48 . 2012-12-17 18:46 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-19 17:12 . 2012-09-03 04:16 45056 ----a-w- c:\windows\system32\acovcnt.exe

2012-12-13 15:58 . 2012-09-07 04:21 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-11-09 08:39 . 2012-11-09 08:39 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-09 08:39 . 2012-11-08 09:09 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-11-09 08:39 . 2012-11-08 09:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-11-05 19:09 . 2012-11-05 19:09 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-10-16 08:38 . 2012-11-27 23:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-27 23:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-27 23:22 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc

2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll

2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll

2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe

2012-10-10 01:22 . 2012-10-10 01:22 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc

2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll

2012-10-10 01:22 . 2012-10-10 01:22 10673664 ----a-w- c:\windows\SysWow64\ig4icd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll

2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll

2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc

2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc

2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll

2012-10-10 01:22 . 2011-07-12 03:29 12836864 ----a-w- c:\windows\system32\igd10umd64.dll

2012-10-10 01:22 . 2011-07-12 03:29 110592 ----a-w- c:\windows\system32\hccutils.dll

2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll

2012-10-10 01:22 . 2011-07-12 03:29 12604416 ----a-w- c:\windows\system32\igdumd64.dll

2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc

2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll

2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys

2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll

2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc

2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe

2012-10-10 01:22 . 2012-10-10 01:22 272928 ----a-w- c:\windows\system32\igvpkrng600.bin

2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl

2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll

2012-10-10 01:22 . 2011-07-12 03:29 63488 ----a-w- c:\windows\system32\igfxsrvc.dll

2012-10-10 01:22 . 2011-07-12 03:29 9007616 ----a-w- c:\windows\system32\igfxress.dll

2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll

2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll

2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc

2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc

2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe

2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe

2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll

2012-10-10 01:22 . 2012-10-10 01:22 12887040 ----a-w- c:\windows\system32\ig4icd64.dll

2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc

2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc

2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe

2012-10-10 01:22 . 2011-07-12 03:29 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe

2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc

2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc

2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc

2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc

2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll

2012-10-10 01:22 . 2012-10-10 01:22 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin

2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll

2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll

2012-10-10 01:22 . 2012-10-10 01:22 524800 ----a-w- c:\windows\system32\iglhsip64.dll

2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc

2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc

2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc

2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll

2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe

2012-10-10 01:22 . 2011-07-12 03:29 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll

2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll

2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc

2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc

2012-10-09 18:17 . 2012-11-15 05:11 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 05:11 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 05:11 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 05:11 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

2012-10-09 16:09 . 2012-09-03 08:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 16:09 . 2012-09-03 08:37 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-09 15:35 . 2012-09-03 04:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2012-10-09 15:35 . 2012-09-03 04:14 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 10:42 . 2012-09-03 03:52 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi2"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-05 1255736]

R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]

R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]

R4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]

R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]

R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R4 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]

R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-05 30568]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\F-Secure\fshoster32.exe [2012-10-19 183864]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-05 711112]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]

S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]

S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 16:09]

.

2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001Core.job

- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04]

.

2012-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2353280605-2388377470-476608550-1001UA.job

- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 12:04]

.

2012-12-19 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-09-18 18:22]

.

2012-12-19 c:\windows\Tasks\SpeedUpMyPC.job

- c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2012-09-16 18:44]

.

2012-12-19 c:\windows\Tasks\spmonitor.job

- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-09-16 18:44]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]

"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]

"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]

"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]

"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SYSTEM32\blank.htm

TCP: DhcpNameServer = 192.168.2.254 192.168.50.1

FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://google.nl/

FF - ExtSQL: 2012-11-28 18:47; torntv@torntv.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\torntv@torntv.com.xpi

FF - ExtSQL: 2012-12-03 17:26; 50bcd2c768e4c@50bcd2c768e85.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\uh9lo7mw.default\extensions\50bcd2c768e4c@50bcd2c768e85.com

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

AddRemove-1ClickDownload - c:\program files (x86)\TornTV.com\uninst.exe

AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]

"ImagePath"="\"c:\program files (x86)\F-Secure\fshoster32.exe\" -hosterid:0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected]

@Denied: ) (Everyone)

"AgentIdentifier"=""

"AuthorizationCode"=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-19 18:29:04

ComboFix-quarantined-files.txt 2012-12-19 17:29

ComboFix2.txt 2012-12-19 14:11

ComboFix3.txt 2012-12-19 12:23

ComboFix4.txt 2012-12-19 12:06

.

Pre-Run: 369.450.672.128 bytes beschikbaar

Post-Run: 369.762.684.928 bytes beschikbaar

.

- - End Of File - - 254CD0B14720F000F711AF637B81F8D9
