
Internet drops out very often.


smettn


Hello,

I have been having problems with my internet for months.

It drops out for no reason. In the best case it comes back after a few seconds, sometimes only after a quarter of an hour (while writing this post the internet dropped out 4 times).

e.g.: internetconnectprob.png

(those bars are the download speed, but you probably knew that already :) )

***internet.png

I also get this fairly often, though not always.

internetaz.png

I have wireless internet, specifically that 'junk' you get when you have Belgacom TV.

As a wireless receiver I have one of those ASUS WLAN 802.11G sticks (already 6 years old or so).

At home we have 2 laptops, an iPad, another regular PC and Belgacom TV. All without any problems, except my PC.

The PC is fairly recent (1 month old), so normally that is not the cause. With my previous PC I had exactly the same problem.

Thanks in advance & a happy end of the year :)

Grtz, Thomas


I have already run a HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:00:38, on 1/01/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16455)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF968C7F}&mid=cd259b0d7e7047d08178d1568033f2c0-163d936407735f60b12ac8c9ab6868ed1af88526&lang=nl&ds=is015&pr=sa&d=2012-12-17 18:46:04&v=13.2.0.4&sap=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent

O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F8D1126C80F9311A03F66B81B56B8A9C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1065886021-3104463657-3308724018-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1065886021-3104463657-3308724018-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\WINDOWS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10427 bytes


Right-click the HijackThis icon and choose "Run as administrator" ("Uitvoeren als administrator").

Select "Do a system scan only".

Check only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF968C7F}&mid=cd259b0d7e7047d08178d1568033f2c0-163d936407735f60b12ac8c9ab6868ed1af88526&lang=nl&ds=is015&pr=sa&d=2012-12-17 18:46:04&v=13.2.0.4&sap=hp

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll

O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

During the installation of MBAM you will be asked whether you want to use the "trial version" ("evaluatieversie")...

Answer this question with "decline" ("afwijzen").

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish" ("Voltooien").

If an update was found, it will be downloaded and installed.

When the program is fully up to date, select "Quick Scan" ("Snelle Scan") on the Scanner tab, then click Scan.

Scanning can take a while, so be patient.

When the scan is complete, click OK, then "Show Results" ("Bekijk Resultaten") to see the results.

Make sure everything is checked there, then click: Remove Selected ("Verwijder geselecteerde").

After the removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you must click OK.

After that it will ask to restart the computer... So allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.


MBAM log:

Malwarebytes Anti-Malware 1.70.0.1100

Malwarebytes : Free anti-malware download

Databaseversie: v2013.01.02.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

WINDOWS :: WINDOWS-PC [administrator]

2/01/2013 18:26:58

mbam-log-2013-01-02 (18-26-58).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 225299

Verstreken tijd: 2 minuut/minuten, 21 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

--

new HijackThis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:34:41, on 2/01/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16455)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF968C7F}&mid=cd259b0d7e7047d08178d1568033f2c0-163d936407735f60b12ac8c9ab6868ed1af88526&lang=nl&ds=is015&pr=sa&d=2012-12-17 18:46:04&v=13.2.0.5&sap=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent

O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F8D1126C80F9311A03F66B81B56B8A9C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1065886021-3104463657-3308724018-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1065886021-3104463657-3308724018-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\WINDOWS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9346 bytes

Grtz

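One way to check the result of the 'Fix checked' step is to compare the HijackThis log from before the fix with the one posted afterwards. The following is an added example, not part of the original thread; the function names are hypothetical and the sample lines are shortened from the logs above.

```python
import re

# A HijackThis entry is a section code, " - ", then the entry text,
# e.g.  O4 - HKLM\..\Run: [vProt] "C:\...\vprot.exe"
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")


def parse_entries(log_text):
    """Return {identity_key: full_line} for every entry line in a log."""
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, running-process list, blank line, footer
        code, text = m.groups()
        # R0/R1 lines read "key,value = data". Identify them by key and
        # value name only, so a setting whose URL changed is still matched.
        ident = text.split(" = ", 1)[0] if code in ("R0", "R1") else text
        entries[(code, ident.lower())] = line
    return entries


def verify_fix(before_log, after_log, fix_list):
    """Classify the entries of fix_list against the before and after logs."""
    before = parse_entries(before_log)
    after = parse_entries(after_log)
    wanted = parse_entries(fix_list)
    return {
        # Present before, gone afterwards: the fix worked for these.
        "removed": sorted(before[k] for k in wanted
                          if k in before and k not in after),
        # Still in the later log: the fix did not stick, or was rewritten.
        "still_present": sorted(after[k] for k in wanted if k in after),
        # Entries that only appear in the later log.
        "new": sorted(after[k] for k in after if k not in before),
    }


# Sample data: lines shortened from the logs in this thread (constructed).
BEFORE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Program Files (x86)\AVG Secure Search\vprot.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?v=13.2.0.4&sap=hp
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"""

AFTER_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?v=13.2.0.5&sap=hp
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
"""

FIX_LIST = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?v=13.2.0.4&sap=hp
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"""

if __name__ == "__main__":
    for status, lines in verify_fix(BEFORE_LOG, AFTER_LOG, FIX_LIST).items():
        print(f"{status}:")
        for line in lines:
            print(f"  {line}")
```

An entry under `still_present` means the setting was written back after the fix, which is what the Start Page line does in the second log above.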

Download AdwCleaner by Xplode to your desktop.


  • Close all open windows.
  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator ("Als Administrator uitvoeren")...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete ("Verwijderen").
  • At AdwCleaner – Information ("Informatie") click OK
  • At AdwCleaner – Restart Required ("Herstarten Noodzakelijk") click OK

It is normal for the shortcuts to disappear during this action. After the PC has restarted, a log file opens. Post the contents of this log in your next post.


# AdwCleaner v2.104 - Verslag gemaakt op 03/01/2013 om 14:06:13

# Geactualiseerd op 29/12/2012 door Xplode

# Besturingssysteem : Windows 7 Professional Service Pack 1 (64 bits)

# Gebruiker : WINDOWS - WINDOWS-PC

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\WINDOWS\Downloads\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Verwijdert : C:\Program Files (x86)\AVG Secure Search

Map Verwijdert : C:\Program Files (x86)\Conduit

Map Verwijdert : C:\Program Files (x86)\uTorrentBar_NL

Map Verwijdert : C:\ProgramData\AVG Secure Search

Map Verwijdert : C:\Users\WINDOWS\AppData\Local\AVG Secure Search

Map Verwijdert : C:\Users\WINDOWS\AppData\Local\Conduit

Map Verwijdert : C:\Users\WINDOWS\AppData\LocalLow\AVG Secure Search

Map Verwijdert : C:\Users\WINDOWS\AppData\LocalLow\Conduit

Map Verwijdert : C:\Users\WINDOWS\AppData\LocalLow\uTorrentBar_NL

Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\uTorrentBar_NL

Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar

Sleutel Verwijdert : HKCU\Software\AVG Secure Search

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775FDB-6972-41F9-AE51-8326E38CB206}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKLM\Software\AVG Secure Search

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\S

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Sleutel Verwijdert : HKLM\Software\uTorrentBar_NL

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08059736-5183-47C9-A74E-E4956AD1ABD6}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CD6BB5B-F199-4486-8CB6-8DACB66A05CA}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{87775FDB-6972-41F9-AE51-8326E38CB206}]

Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16455

Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF968C7F}&mid=cd259b0d7e7047d08178d1568033f2c0-163d936407735f60b12ac8c9ab6868ed1af88526&lang=nl&ds=is015&pr=sa&d=2012-12-17 18:46:04&v=13.2.0.5&sap=hp --> hxxp://www.google.com

-\\ Google Chrome v23.0.1271.97

File : C:\Users\WINDOWS\AppData\Local\Google\Chrome\User Data\Default\Preferences

Verwijdert [l.8] : homepage = "hxxp://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF968C7F}&mid=cd259b0d7e[...]

Verwijdert [l.12] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503A[...]

Verwijdert [l.1891] : homepage = "hxxp://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF968C7F}&mid=cd259b0d7e704[...]

Verwijdert [l.2278] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={344DE650-C01E-494B-94E1-7503AF96[...]

*************************

AdwCleaner[s1].txt - [6983 octets] - [03/01/2013 14:06:13]

########## EOF - C:\AdwCleaner[s1].txt - [7043 octets] ##########

Regards


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


ComboFix 13-01-04.01 - WINDOWS 04/01/2013 10:57:56.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.4095.2706 [GMT 1:00]

Gestart vanuit: c:\users\WINDOWS\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

D:\install.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-12-04 to 2013-01-04 ))))))))))))))))))))))))))))))

.

.

2013-01-02 17:26 . 2013-01-02 17:26 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\Malwarebytes

2013-01-02 17:25 . 2013-01-02 17:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-01-02 17:25 . 2013-01-02 17:25 -------- d-----w- c:\programdata\Malwarebytes

2013-01-02 17:25 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-02 17:25 . 2013-01-02 17:25 -------- d-----w- c:\users\WINDOWS\AppData\Local\Programs

2013-01-01 16:58 . 2013-01-01 16:58 388096 ----a-r- c:\users\WINDOWS\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-01-01 16:58 . 2013-01-01 16:58 -------- d-----w- c:\program files (x86)\Trend Micro

2012-12-19 15:42 . 2012-12-19 15:42 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\DVDVideoSoft

2012-12-19 15:42 . 2012-12-19 15:42 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft

2012-12-19 15:42 . 2012-12-19 15:42 -------- d-----w- c:\program files (x86)\DVDVideoSoft

2012-12-17 17:49 . 2011-10-05 09:55 729152 ----a-w- c:\windows\system32\drivers\netr7364.sys

2012-12-17 17:46 . 2012-12-17 17:46 -------- d-----w- c:\users\WINDOWS\AppData\Local\Innovative Solutions

2012-12-17 17:46 . 2012-12-17 17:46 -------- d-----w- c:\program files (x86)\Innovative Solutions

2012-12-17 17:46 . 2012-12-17 17:45 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-12-17 17:46 . 2013-01-03 13:06 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-12-17 17:45 . 2012-12-17 17:45 -------- d--h--w- c:\programdata\Common Files

2012-12-11 18:47 . 2012-12-12 06:21 -------- d-----w- c:\program files (x86)\Diablo III

2012-12-11 18:47 . 2012-12-11 18:47 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment

2012-12-11 18:47 . 2012-12-11 18:47 -------- d-----w- c:\programdata\Blizzard Entertainment

2012-12-11 18:33 . 2012-12-11 18:34 -------- d-----w- c:\programdata\Battle.net

2012-12-11 15:41 . 2012-12-11 15:41 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\bizarre creations

2012-12-11 15:28 . 2012-12-11 15:28 -------- d-----w- c:\program files (x86)\InstallShield Installation Information

2012-12-11 15:23 . 2012-12-11 15:23 -------- d-----w- c:\program files (x86)\Activision

2012-12-11 14:30 . 2012-12-11 14:30 -------- d-----w- c:\program files (x86)\Electronic Arts

2012-12-11 14:29 . 2012-12-11 14:29 -------- d-----w- c:\programdata\Solidshield

2012-12-11 14:24 . 2012-12-11 14:24 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-12-11 14:24 . 2012-12-11 14:24 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2012-12-10 16:50 . 2012-12-10 16:50 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\OnLive App

2012-12-10 16:50 . 2012-12-10 16:50 -------- d-----w- c:\program files (x86)\OnLive

2012-12-10 16:03 . 2013-01-04 09:45 -------- d-----w- c:\program files (x86)\Steam

2012-12-10 16:03 . 2012-12-23 15:29 -------- d-----w- c:\program files (x86)\Common Files\Steam

2012-12-10 14:03 . 2012-12-10 14:03 -------- d-----w- c:\program files (x86)\VideoLAN

2012-12-10 13:49 . 2012-12-10 13:49 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2012-12-10 13:47 . 2012-12-10 13:47 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\SystemRequirementsLab

2012-12-10 13:47 . 2012-12-10 13:47 -------- d-----w- c:\windows\Sun

2012-12-10 13:47 . 2012-12-10 13:47 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-12-10 13:47 . 2012-12-10 13:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-12-10 13:47 . 2012-12-10 13:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-12-10 13:47 . 2012-12-10 13:47 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-12-10 13:47 . 2012-12-10 13:47 -------- d-----w- c:\program files (x86)\Java

2012-12-10 13:09 . 2012-12-10 13:10 -------- d-----w- c:\program files\WinRAR

2012-12-10 12:32 . 2012-12-10 12:32 -------- d-----w- c:\users\WINDOWS\AppData\Local\CRE

2012-12-10 12:32 . 2012-12-10 12:32 -------- d-----w- c:\program files (x86)\uTorrent

2012-12-10 12:31 . 2012-12-28 21:42 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\uTorrent

2012-12-10 11:54 . 2012-12-10 11:54 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\Avira

2012-12-10 11:49 . 2012-12-11 14:15 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-12-10 11:49 . 2012-12-11 14:15 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-12-10 11:49 . 2012-12-10 11:49 -------- d-----w- c:\programdata\Avira

2012-12-10 11:49 . 2012-12-10 11:49 -------- d-----w- c:\program files (x86)\Avira

2012-12-10 11:49 . 2012-11-16 19:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-12-10 11:37 . 2013-01-03 13:18 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\vlc

2012-12-10 11:35 . 2012-12-10 11:36 -------- d-----w- c:\users\WINDOWS\AppData\Local\Google

2012-12-10 11:35 . 2012-12-10 11:36 -------- d-----w- c:\program files (x86)\Google

2012-12-10 11:35 . 2012-12-10 11:35 -------- d-----w- c:\users\WINDOWS\AppData\Local\Apps

2012-12-10 11:35 . 2012-12-10 11:35 -------- d-----w- c:\users\WINDOWS\AppData\Local\Deployment

2012-12-09 18:58 . 2012-12-09 19:04 -------- d-----w- c:\users\WINDOWS\AppData\Roaming\Nero

2012-12-09 18:51 . 2012-12-09 18:51 -------- d-----w- c:\program files (x86)\Nero

2012-12-09 18:51 . 2012-12-09 18:51 -------- d-----w- c:\program files (x86)\Common Files\Nero

2012-12-09 18:51 . 2012-12-09 18:51 -------- d-----w- c:\programdata\Nero

2012-12-08 18:41 . 2012-12-27 11:53 -------- d-----w- c:\users\WINDOWS\AppData\Local\ElevatedDiagnostics

2012-12-06 08:10 . 2012-12-06 08:10 -------- d-----w- c:\program files (x86)\FinalWire

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-18 13:13 . 2011-03-28 17:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-11-13 21:12 . 2012-11-13 21:12 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-11-13 21:12 . 2012-11-13 21:12 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-11-13 20:44 . 2012-11-13 20:44 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-11-13 20:44 . 2012-11-13 20:44 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2012-11-13 20:44 . 2012-11-13 20:44 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2012-11-13 20:44 . 2012-11-13 20:44 89088 ----a-w- c:\windows\system32\ie4uinit.exe

2012-11-13 20:44 . 2012-11-13 20:44 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2012-11-13 20:44 . 2012-11-13 20:44 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-11-13 20:44 . 2012-11-13 20:44 85504 ----a-w- c:\windows\system32\iesetup.dll

2012-11-13 20:44 . 2012-11-13 20:44 82432 ----a-w- c:\windows\system32\icardie.dll

2012-11-13 20:44 . 2012-11-13 20:44 816640 ----a-w- c:\windows\system32\jscript.dll

2012-11-13 20:44 . 2012-11-13 20:44 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2012-11-13 20:44 . 2012-11-13 20:44 76800 ----a-w- c:\windows\system32\tdc.ocx

2012-11-13 20:44 . 2012-11-13 20:44 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2012-11-13 20:44 . 2012-11-13 20:44 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2012-11-13 20:44 . 2012-11-13 20:44 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-11-13 20:44 . 2012-11-13 20:44 65024 ----a-w- c:\windows\system32\pngfilt.dll

2012-11-13 20:44 . 2012-11-13 20:44 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2012-11-13 20:44 . 2012-11-13 20:44 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-11-13 20:44 . 2012-11-13 20:44 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

2012-11-13 20:44 . 2012-11-13 20:44 534528 ----a-w- c:\windows\system32\ieapfltr.dll

2012-11-13 20:44 . 2012-11-13 20:44 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-11-13 20:44 . 2012-11-13 20:44 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-11-13 20:44 . 2012-11-13 20:44 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-11-13 20:44 . 2012-11-13 20:44 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2012-11-13 20:44 . 2012-11-13 20:44 448512 ----a-w- c:\windows\system32\html.iec

2012-11-13 20:44 . 2012-11-13 20:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-13 20:44 . 2012-11-13 20:44 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2012-11-13 20:44 . 2012-11-13 20:44 39936 ----a-w- c:\windows\system32\iernonce.dll

2012-11-13 20:44 . 2012-11-13 20:44 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2012-11-13 20:44 . 2012-11-13 20:44 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-11-13 20:44 . 2012-11-13 20:44 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-11-13 20:44 . 2012-11-13 20:44 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-13 20:44 . 2012-11-13 20:44 282112 ----a-w- c:\windows\system32\dxtrans.dll

2012-11-13 20:44 . 2012-11-13 20:44 267776 ----a-w- c:\windows\system32\ieaksie.dll

2012-11-13 20:44 . 2012-11-13 20:44 249344 ----a-w- c:\windows\system32\webcheck.dll

2012-11-13 20:44 . 2012-11-13 20:44 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-13 20:44 . 2012-11-13 20:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-13 20:44 . 2012-11-13 20:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-13 20:44 . 2012-11-13 20:44 237056 ----a-w- c:\windows\system32\url.dll

2012-11-13 20:44 . 2012-11-13 20:44 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-11-13 20:44 . 2012-11-13 20:44 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-13 20:44 . 2012-11-13 20:44 222208 ----a-w- c:\windows\system32\msls31.dll

2012-11-13 20:44 . 2012-11-13 20:44 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-13 20:44 . 2012-11-13 20:44 197120 ----a-w- c:\windows\system32\msrating.dll

2012-11-13 20:44 . 2012-11-13 20:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-13 20:44 . 2012-11-13 20:44 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-13 20:44 . 2012-11-13 20:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-13 20:44 . 2012-11-13 20:44 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-11-13 20:44 . 2012-11-13 20:44 163840 ----a-w- c:\windows\system32\ieakui.dll

2012-11-13 20:44 . 2012-11-13 20:44 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-11-13 20:44 . 2012-11-13 20:44 160256 ----a-w- c:\windows\system32\wextract.exe

2012-11-13 20:44 . 2012-11-13 20:44 160256 ----a-w- c:\windows\system32\ieakeng.dll

2012-11-13 20:44 . 2012-11-13 20:44 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-11-13 20:44 . 2012-11-13 20:44 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-11-13 20:44 . 2012-11-13 20:44 149504 ----a-w- c:\windows\system32\occache.dll

2012-11-13 20:44 . 2012-11-13 20:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-13 20:44 . 2012-11-13 20:44 145920 ----a-w- c:\windows\system32\iepeers.dll

2012-11-13 20:44 . 2012-11-13 20:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-13 20:44 . 2012-11-13 20:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-13 20:44 . 2012-11-13 20:44 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-13 20:44 . 2012-11-13 20:44 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-11-13 20:44 . 2012-11-13 20:44 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-13 20:44 . 2012-11-13 20:44 12288 ----a-w- c:\windows\system32\mshta.exe

2012-11-13 20:44 . 2012-11-13 20:44 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-11-13 20:44 . 2012-11-13 20:44 114176 ----a-w- c:\windows\system32\admparse.dll

2012-11-13 20:44 . 2012-11-13 20:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-13 20:44 . 2012-11-13 20:44 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-11-13 20:44 . 2012-11-13 20:44 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-11-13 20:44 . 2012-11-13 20:44 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-13 20:44 . 2012-11-13 20:44 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2012-11-13 20:44 . 2012-11-13 20:44 103936 ----a-w- c:\windows\system32\inseng.dll

2012-11-13 20:44 . 2012-11-13 20:44 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-10-29 20:04 . 2012-11-14 15:13 66395536 ----a-w- c:\windows\system32\MRT.exe

2012-10-18 18:25 . 2012-11-14 15:09 3149824 ----a-w- c:\windows\system32\win32k.sys

2012-10-17 00:31 . 2012-11-18 13:42 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A073B800-9DDC-42E0-B9A5-CBD3D3E1A12D}\mpengine.dll

2012-10-09 18:17 . 2012-11-14 15:09 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-14 15:09 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-14 15:09 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-14 15:09 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-10 1354736]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-11-14 11324864]

"DriverMax_RESTART"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-11-14 11324864]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux9"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-02-17 27296]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 netr28x;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-14 1255736]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-12-17 30568]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-11 283200]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-17 711112]

S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]

S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 11:35]

.

2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 11:35]

.

.

--------- X64 Entries -----------

.

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Free YouTube to MP3 Converter - c:\users\WINDOWS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.1.1

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]

"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-01-04 11:03:56

ComboFix-quarantined-files.txt 2013-01-04 10:03

.

Pre-Run: 54.656.425.984 bytes beschikbaar

Post-Run: 54.710.939.648 bytes beschikbaar

.

- - End Of File - - 539819DBE745F522AADDD6E700B25099

Regards


2012-11-13 20:44 . 2012-11-13 20:44 49664 ----a-w- c:\windows\system32\imgutil.dll

2012-11-13 20:44 . 2012-11-13 20:44 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2012-11-13 20:44 . 2012-11-13 20:44 48640 ----a-w- c:\windows\system32\mshtmler.dll

2012-11-13 20:44 . 2012-11-13 20:44 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2012-11-13 20:44 . 2012-11-13 20:44 448512 ----a-w- c:\windows\system32\html.iec

2012-11-13 20:44 . 2012-11-13 20:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-13 20:44 . 2012-11-13 20:44 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2012-11-13 20:44 . 2012-11-13 20:44 39936 ----a-w- c:\windows\system32\iernonce.dll

2012-11-13 20:44 . 2012-11-13 20:44 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2012-11-13 20:44 . 2012-11-13 20:44 367104 ----a-w- c:\windows\SysWow64\html.iec

2012-11-13 20:44 . 2012-11-13 20:44 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2012-11-13 20:44 . 2012-11-13 20:44 30720 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-13 20:44 . 2012-11-13 20:44 282112 ----a-w- c:\windows\system32\dxtrans.dll

2012-11-13 20:44 . 2012-11-13 20:44 267776 ----a-w- c:\windows\system32\ieaksie.dll

2012-11-13 20:44 . 2012-11-13 20:44 249344 ----a-w- c:\windows\system32\webcheck.dll

2012-11-13 20:44 . 2012-11-13 20:44 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-13 20:44 . 2012-11-13 20:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-13 20:44 . 2012-11-13 20:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-13 20:44 . 2012-11-13 20:44 237056 ----a-w- c:\windows\system32\url.dll

2012-11-13 20:44 . 2012-11-13 20:44 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2012-11-13 20:44 . 2012-11-13 20:44 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-13 20:44 . 2012-11-13 20:44 222208 ----a-w- c:\windows\system32\msls31.dll

2012-11-13 20:44 . 2012-11-13 20:44 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-13 20:44 . 2012-11-13 20:44 197120 ----a-w- c:\windows\system32\msrating.dll

2012-11-13 20:44 . 2012-11-13 20:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-13 20:44 . 2012-11-13 20:44 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-13 20:44 . 2012-11-13 20:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-13 20:44 . 2012-11-13 20:44 165888 ----a-w- c:\windows\system32\iexpress.exe

2012-11-13 20:44 . 2012-11-13 20:44 163840 ----a-w- c:\windows\system32\ieakui.dll

2012-11-13 20:44 . 2012-11-13 20:44 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2012-11-13 20:44 . 2012-11-13 20:44 160256 ----a-w- c:\windows\system32\wextract.exe

2012-11-13 20:44 . 2012-11-13 20:44 160256 ----a-w- c:\windows\system32\ieakeng.dll

2012-11-13 20:44 . 2012-11-13 20:44 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2012-11-13 20:44 . 2012-11-13 20:44 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2012-11-13 20:44 . 2012-11-13 20:44 149504 ----a-w- c:\windows\system32\occache.dll

2012-11-13 20:44 . 2012-11-13 20:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-13 20:44 . 2012-11-13 20:44 145920 ----a-w- c:\windows\system32\iepeers.dll

2012-11-13 20:44 . 2012-11-13 20:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-13 20:44 . 2012-11-13 20:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-13 20:44 . 2012-11-13 20:44 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-13 20:44 . 2012-11-13 20:44 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2012-11-13 20:44 . 2012-11-13 20:44 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-13 20:44 . 2012-11-13 20:44 12288 ----a-w- c:\windows\system32\mshta.exe

2012-11-13 20:44 . 2012-11-13 20:44 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2012-11-13 20:44 . 2012-11-13 20:44 114176 ----a-w- c:\windows\system32\admparse.dll

2012-11-13 20:44 . 2012-11-13 20:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-13 20:44 . 2012-11-13 20:44 111616 ----a-w- c:\windows\system32\iesysprep.dll

2012-11-13 20:44 . 2012-11-13 20:44 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2012-11-13 20:44 . 2012-11-13 20:44 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-13 20:44 . 2012-11-13 20:44 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2012-11-13 20:44 . 2012-11-13 20:44 103936 ----a-w- c:\windows\system32\inseng.dll

2012-11-13 20:44 . 2012-11-13 20:44 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2012-10-29 20:04 . 2012-11-14 15:13 66395536 ----a-w- c:\windows\system32\MRT.exe

2012-10-18 18:25 . 2012-11-14 15:09 3149824 ----a-w- c:\windows\system32\win32k.sys

2012-10-17 00:31 . 2012-11-18 13:42 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A073B800-9DDC-42E0-B9A5-CBD3D3E1A12D}\mpengine.dll

2012-10-09 18:17 . 2012-11-14 15:09 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-14 15:09 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-14 15:09 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-14 15:09 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-10 1354736]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-11-14 11324864]

"DriverMax_RESTART"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-11-14 11324864]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux9"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-02-17 27296]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 netr28x;Ralink 802.11n stuurprogramma voor draadloze netwerken voor Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-14 1255736]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-12-17 30568]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-11 283200]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-17 711112]

S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]

S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 11:35]

.

2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 11:35]

.

.

--------- X64 Entries -----------

.

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Free YouTube to MP3 Converter - c:\users\WINDOWS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.1.1

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]

"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-01-04 11:03:56

ComboFix-quarantined-files.txt 2013-01-04 10:03

.

Pre-Run: 54.656.425.984 bytes beschikbaar

Post-Run: 54.710.939.648 bytes beschikbaar

.

- - End Of File - - 539819DBE745F522AADDD6E700B25099

Regards


S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-17 711112]

S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]

S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 11:35]

.

2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 11:35]

.

.

--------- X64 Entries -----------

.

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Free YouTube to MP3 Converter - c:\users\WINDOWS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.1.1

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]

"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-01-04 11:03:56

ComboFix-quarantined-files.txt 2013-01-04 10:03

.

Pre-Run: 54.656.425.984 bytes beschikbaar

Post-Run: 54.710.939.648 bytes beschikbaar

.

- - End Of File - - 539819DBE745F522AADDD6E700B25099

Regards
