PC is slow


Since my computer has been rather slow lately, I decided to ask whether you could take a look at the log below.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:46:55, on 11-4-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Users\Nikay\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Nikay\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Easylifeapp Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Easylifeapp Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Nikay\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Nikay\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11388 bytes


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Here you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: click here or here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running, as this can cause the 'tool' to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


ComboFix 13-04-11.01 - Nikay 11-04-2013 22:36:20.1.8 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.8147.5206 [GMT 2:00]

Gestart vanuit: c:\users\Nikay\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\prefs.js

c:\programdata\Bryowwsee2ssave

c:\programdata\Bryowwsee2ssave\5130ed77ec1bc.tlb

c:\programdata\Bryowwsee2ssave\data\Bryowwsee2ssave.dat

c:\programdata\Bryowwsee2ssave\settings.ini

c:\programdata\Bryowwsee2ssave\uninstall.exe

c:\programdata\Microsoft\Windows\Start Menu\Programs\Bryowwsee2ssave

c:\programdata\Microsoft\Windows\Start Menu\Programs\Bryowwsee2ssave\Bryowwsee2ssave.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\Bryowwsee2ssave\Uninstall.lnk

c:\windows\SysWow64\muzapp.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-03-11 to 2013-04-11 ))))))))))))))))))))))))))))))

.

.

2013-04-11 20:40 . 2013-04-11 20:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-04-11 20:40 . 2013-04-11 20:40 -------- d-----w- c:\users\Default_org\AppData\Local\temp

2013-04-11 20:40 . 2013-04-11 20:40 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-04-11 18:45 . 2013-04-11 18:45 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65EED65F-D278-4719-A923-93331B69FA8F}\offreg.dll

2013-04-11 15:08 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65EED65F-D278-4719-A923-93331B69FA8F}\mpengine.dll

2013-04-10 21:44 . 2013-02-22 07:04 763520 ----a-w- c:\program files\Internet Explorer\iexplore.exe

2013-04-10 21:41 . 2013-04-10 21:41 -------- d-----w- c:\program files (x86)\Common Files\Skype

2013-04-10 15:50 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 15:50 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys

2013-04-10 15:50 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys

2013-04-10 15:50 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-04-10 15:50 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-04-10 15:50 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-04-10 15:50 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe

2013-04-10 15:49 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll

2013-04-10 15:49 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

2013-04-10 06:46 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-04-07 10:35 . 2013-04-07 10:42 -------- d-----w- c:\users\Nikay\AppData\Roaming\Audacity

2013-03-31 13:39 . 2013-03-31 13:39 -------- d-----w- C:\Upload

2013-03-31 13:38 . 2013-03-31 13:38 -------- d-----w- c:\users\Nikay\.swt

2013-03-31 13:37 . 2013-03-31 13:39 -------- d-----w- C:\AllShare Play

2013-03-27 21:10 . 2013-03-27 21:10 -------- d-----w- c:\users\Nikay\AppData\Roaming\Unified Remote

2013-03-26 18:16 . 2013-02-22 07:17 203544 ----a-w- c:\windows\system32\drivers\ssudmdm.sys

2013-03-26 18:16 . 2013-02-22 07:17 102936 ----a-w- c:\windows\system32\drivers\ssudbus.sys

2013-03-26 18:01 . 2013-03-26 18:01 -------- d-----w- c:\program files (x86)\MarkAny

2013-03-26 18:00 . 2013-03-26 18:00 -------- d-----w- c:\users\Nikay\AppData\Roaming\Samsung

2013-03-26 18:00 . 2013-03-26 18:00 -------- d-----w- c:\users\Nikay\AppData\Local\Samsung

2013-03-26 17:57 . 2013-03-26 17:57 -------- d-----w- c:\program files (x86)\MyFree Codec

2013-03-26 17:50 . 2013-02-05 16:53 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll

2013-03-26 17:50 . 2013-02-05 16:52 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll

2013-03-26 17:49 . 2013-03-26 17:59 -------- d-----w- c:\program files (x86)\Samsung

2013-03-26 17:49 . 2013-03-26 17:59 -------- d-----w- c:\programdata\Samsung

2013-03-26 17:42 . 2013-03-26 17:42 -------- d-----w- c:\users\Nikay\AppData\Local\Downloaded Installations

2013-03-26 06:37 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-21 08:36 . 2012-11-28 08:52 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1112980A-E87E-4B95-9E3A-A8EB62F402C1}\gapaengine.dll

2013-03-17 21:40 . 2013-03-17 21:40 -------- d-----w- c:\program files\Microsoft Silverlight

2013-03-17 21:40 . 2013-03-17 21:40 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-10 21:46 . 2012-07-05 08:43 72702784 ----a-w- c:\windows\system32\MRT.exe

2013-04-04 12:50 . 2012-09-15 14:09 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-02 10:34 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe

2013-03-17 11:40 . 2012-07-12 20:08 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-03-17 11:40 . 2011-08-18 05:02 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-05 18:22 . 2013-03-05 18:22 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-03-05 18:22 . 2013-03-05 18:22 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2013-03-05 18:22 . 2013-03-05 18:22 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-03-05 18:22 . 2013-03-05 18:22 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-03-05 18:22 . 2013-03-05 18:22 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-03-05 18:22 . 2013-03-05 18:22 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-03-05 18:22 . 2013-03-05 18:22 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-03-05 18:22 . 2013-03-05 18:22 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-03-05 18:22 . 2013-03-05 18:22 367104 ----a-w- c:\windows\SysWow64\html.iec

2013-03-05 18:22 . 2013-03-05 18:22 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-03-05 18:22 . 2013-03-05 18:22 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-03-05 18:22 . 2013-03-05 18:22 222208 ----a-w- c:\windows\system32\msls31.dll

2013-03-05 18:22 . 2013-03-05 18:22 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2013-03-05 18:22 . 2013-03-05 18:22 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-03-05 18:22 . 2013-03-05 18:22 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2013-03-05 18:22 . 2013-03-05 18:22 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-03-05 18:22 . 2013-03-05 18:22 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2013-03-05 18:22 . 2013-03-05 18:22 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-03-05 18:22 . 2013-03-05 18:22 89088 ----a-w- c:\windows\system32\ie4uinit.exe

2013-03-05 18:22 . 2013-03-05 18:22 85504 ----a-w- c:\windows\system32\iesetup.dll

2013-03-05 18:22 . 2013-03-05 18:22 82432 ----a-w- c:\windows\system32\icardie.dll

2013-03-05 18:22 . 2013-03-05 18:22 76800 ----a-w- c:\windows\system32\tdc.ocx

2013-03-05 18:22 . 2013-03-05 18:22 65024 ----a-w- c:\windows\system32\pngfilt.dll

2013-03-05 18:22 . 2013-03-05 18:22 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-03-05 18:22 . 2013-03-05 18:22 534528 ----a-w- c:\windows\system32\ieapfltr.dll

2013-03-05 18:22 . 2013-03-05 18:22 49664 ----a-w- c:\windows\system32\imgutil.dll

2013-03-05 18:22 . 2013-03-05 18:22 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-03-05 18:22 . 2013-03-05 18:22 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2013-03-05 18:22 . 2013-03-05 18:22 448512 ----a-w- c:\windows\system32\html.iec

2013-03-05 18:22 . 2013-03-05 18:22 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2013-03-05 18:22 . 2013-03-05 18:22 39936 ----a-w- c:\windows\system32\iernonce.dll

2013-03-05 18:22 . 2013-03-05 18:22 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-03-05 18:22 . 2013-03-05 18:22 30720 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-05 18:22 . 2013-03-05 18:22 282112 ----a-w- c:\windows\system32\dxtrans.dll

2013-03-05 18:22 . 2013-03-05 18:22 267776 ----a-w- c:\windows\system32\ieaksie.dll

2013-03-05 18:22 . 2013-03-05 18:22 249344 ----a-w- c:\windows\system32\webcheck.dll

2013-03-05 18:22 . 2013-03-05 18:22 197120 ----a-w- c:\windows\system32\msrating.dll

2013-03-05 18:22 . 2013-03-05 18:22 165888 ----a-w- c:\windows\system32\iexpress.exe

2013-03-05 18:22 . 2013-03-05 18:22 163840 ----a-w- c:\windows\system32\ieakui.dll

2013-03-05 18:22 . 2013-03-05 18:22 160256 ----a-w- c:\windows\system32\wextract.exe

2013-03-05 18:22 . 2013-03-05 18:22 160256 ----a-w- c:\windows\system32\ieakeng.dll

2013-03-05 18:22 . 2013-03-05 18:22 149504 ----a-w- c:\windows\system32\occache.dll

2013-03-05 18:22 . 2013-03-05 18:22 145920 ----a-w- c:\windows\system32\iepeers.dll

2013-03-05 18:22 . 2013-03-05 18:22 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-03-05 18:22 . 2013-03-05 18:22 12288 ----a-w- c:\windows\system32\mshta.exe

2013-03-05 18:22 . 2013-03-05 18:22 114176 ----a-w- c:\windows\system32\admparse.dll

2013-03-05 18:22 . 2013-03-05 18:22 111616 ----a-w- c:\windows\system32\iesysprep.dll

2013-03-05 18:22 . 2013-03-05 18:22 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2013-03-05 18:22 . 2013-03-05 18:22 103936 ----a-w- c:\windows\system32\inseng.dll

2013-03-05 06:45 . 2013-03-05 06:45 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-05 06:45 . 2012-07-12 19:12 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-03-05 06:45 . 2012-07-12 19:12 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-02-18 18:09 . 2012-12-02 19:39 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-02-12 05:45 . 2013-03-17 10:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45 . 2013-03-17 10:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45 . 2013-03-17 10:42 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45 . 2013-03-17 10:42 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48 . 2013-03-17 10:42 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48 . 2013-03-17 10:42 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-02-05 16:52 . 2013-02-05 16:52 90112 ----a-w- c:\windows\MAMCityDownload.ocx

2013-02-05 16:52 . 2013-02-05 16:52 330240 ----a-w- c:\windows\MASetupCaller.dll

2013-02-05 16:52 . 2013-02-05 16:52 30568 ----a-w- c:\windows\MusiccityDownload.exe

2013-02-05 16:52 . 2013-02-05 16:52 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll

2013-02-05 16:52 . 2013-02-05 16:52 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll

2013-02-05 16:52 . 2013-02-05 16:52 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll

2013-02-05 16:52 . 2013-02-05 16:52 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll

2013-02-05 16:52 . 2013-02-05 16:52 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll

2013-02-05 16:52 . 2013-02-05 16:52 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll

2013-02-05 16:52 . 2013-02-05 16:52 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax

2013-02-05 16:52 . 2013-02-05 16:52 491520 ----a-w- c:\windows\SysWow64\muzapp.dll

2013-02-05 16:52 . 2013-02-05 16:52 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll

2013-02-05 16:52 . 2013-02-05 16:52 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll

2013-02-05 16:52 . 2013-02-05 16:52 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll

2013-02-05 16:52 . 2013-02-05 16:52 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll

2013-02-05 16:52 . 2013-02-05 16:52 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll

2013-02-05 16:52 . 2013-02-05 16:52 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll

2013-02-05 16:52 . 2013-02-05 16:52 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax

2013-02-05 16:52 . 2013-02-05 16:52 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll

2013-02-05 16:52 . 2013-02-05 16:52 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe

2013-02-05 16:52 . 2013-02-05 16:52 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll

2013-02-05 16:52 . 2013-02-05 16:52 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll

2013-02-05 16:52 . 2013-02-05 16:52 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax

2013-02-05 16:52 . 2013-02-05 16:52 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll

2013-02-05 16:52 . 2013-02-05 16:52 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax

2013-02-05 16:52 . 2013-02-05 16:52 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax

2013-02-05 16:52 . 2013-02-05 16:52 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll

2013-02-05 16:52 . 2013-02-05 16:52 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax

2013-01-28 21:54 . 2013-01-28 21:54 388096 ----a-r- c:\users\Nikay\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-01-26 10:13 . 2013-01-26 10:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2013-01-26 10:13 . 2013-01-26 10:13 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-01-20 14:59 . 2012-03-20 18:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

2013-01-13 21:17 . 2013-02-27 19:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 21:17 . 2013-02-27 19:02 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 21:16 . 2013-02-27 19:02 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]

"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-03-28 1511792]

"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-03-20 578560]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2011-02-01 112152]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-03-28 310640]

.

c:\users\Nikay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Nikay\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]

R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-22 102936]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-11-10 115272]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-22 203544]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-05 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-12 283200]

S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2011-06-14 30080]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]

S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-08-11 1014624]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2013-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 11:40]

.

2013-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1811925863-1459506102-556610850-1006Core.job

- c:\users\Nikay\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-12 19:01]

.

2013-04-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1811925863-1459506102-556610850-1006UA.job

- c:\users\Nikay\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-12 19:01]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 162552 ----a-w- c:\users\Nikay\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-11 11580520]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://search.easylifeapp.com/?pid=625&src=ie1&r=2013/03/01&hid=1164583895&lg=EN&cc=NL

uLocal Page = c:\windows\system32\blank.htm

mDefault_Page_URL = hxxp://acer.msn.com

mStart Page = hxxp://search.easylifeapp.com/?pid=625&src=ie1&r=2013/03/01&hid=1164583895&lg=EN&cc=NL

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

Wow6432Node-HKCU-Run-Unified Remote v2 - c:\program files (x86)\Unified Remote\RemoteServer.exe

Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1811925863-1459506102-556610850-1006\Software\SecuROM\License information*]

"datasecu"=hex:eb,98,b0,f5,bb,2b,b6,81,87,e0,00,81,cb,fe,8d,bc,98,ae,d4,ff,11,

5d,4c,bb,6a,29,d3,8d,88,27,bf,3d,6d,2e,4e,71,57,8e,8a,15,1d,e7,a7,e3,2c,e5,\

"rkeysecu"=hex:11,fe,7a,72,b0,31,f0,22,b0,47,ae,24,2f,73,6d,61

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-04-11 22:42:01

ComboFix-quarantined-files.txt 2013-04-11 20:42

.

Pre-Run: 682.429.427.712 bytes beschikbaar

Post-Run: 683.059.347.456 bytes beschikbaar

.

- - End Of File - - 3F7A7118B1A585C0BCE7EFE29376E70B


Then - as a little extra - also do this:

Download AdwCleaner by Xplode to your desktop.


Close all open windows.

  • Vista and Windows 7 users: Right-click AdwCleaner and select Run as administrator...
  • For XP: Just double-click AdwCleaner.
  • Then click Delete.
  • At AdwCleaner – Information, click OK
  • At AdwCleaner – Restart Required, click OK

It is normal for the shortcuts to disappear during this action. After the PC has restarted, a log file opens. Post the contents of this log in your next message.


# AdwCleaner v2.200 - Verslag gemaakt op 12/04/2013 om 16:19:21

# Geactualiseerd op 02/04/2013 door Xplode

# Besturingssysteem : Windows 7 Professional Service Pack 1 (64 bits)

# Gebruiker : Nikay - PAS-WS01

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Nikay\Downloads\AdwCleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Verwijdert : C:\Program Files (x86)\EasyLife

Map Verwijdert : C:\ProgramData\AVG Secure Search

Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6}

Sleutel Verwijdert : HKLM\Software\SProtector

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{01BD49D7-C76B-4310-8BEB-14D7E5F322C6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16476

Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.easylifeapp.com/?pid=625&src=ie1&r=2013/03/01&hid=1164583895&lg=EN&cc=NL --> hxxp://www.google.com

Vervangen : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.easylifeapp.com/?pid=625&src=ie1&r=2013/03/01&hid=1164583895&lg=EN&cc=NL --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Nikay\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s2].txt - [1972 octets] - [12/04/2013 16:19:21]

########## EOF - C:\AdwCleaner[s2].txt - [2032 octets] ##########


If the problems are resolved, it is time for the “big clean-up”: removing the programs used, a cleaning, and removing the infected restore points.

Remove ComboFix: Start -> Run/Search/Search programs and files, and type: ComboFix /Uninstall (with a space before the /).

This will remove ComboFix plus its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Close all open windows.

Start AdwCleaner and click Uninstall.

Click "Yes".


AdwCleaner has now been removed from your PC.

Download CCleaner.

Click “Download Latest Version” and the download of CCleaner will then start automatically and free of charge.

Install it and start CCleaner. In the left column, click “Cleaner”. Click “Analyze” and then “Run Cleaner”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Then click “Registry” in the left column and click “Scan for Issues”. If errors are found, click “Fix selected issues” and “OK”. You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix All Selected Issues”. After this, close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you could potentially restore). You can read how to delete the restore points here.
