Ga naar inhoud

usb poorten werken niet meer


bokske

Aanbevolen berichten

Moet ik een uitbreiding van xp installeren voor die runtime error 13?

Ik heb het volgende gedownload: windows XP-KB 936929-SP3-x86-NLD. Nog niet geïnstalleerd omdat ik niet weet of dit wel nodig is.

Neen, dit is het servicepack 3 van XP en - volgens je logje heb je dat al op de PC staan.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

Hier kan je lezen hoe je Combofix moet gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen: klik hier of hier

Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.

2. Dubbelklik op ComboFix.exe en volg de meldingen op het scherm.

3. ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.

**Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch verder gaan met het scannen naar malware.

4. Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren.

cf-rc-auto.jpg

Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:

rc-auto-done.jpg

Klik op Ja om verder te gaan met het scannen naar malware.

5. Wanneer ComboFix klaar is, zal het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatst: (aangepast)

Heeft een hele tijd geduurd sorry.

hier het logje:

caomboFix 13-05-01.03 - User 02/05/2013 20:22:50.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1022.386 [GMT 2:00]

Gestart vanuit: J:\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}

FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\User\LOCALS~1\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\TEMP\AVG\avgfinst.dat

c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg

c:\documents and settings\All Users\Application Data\TEMP\AVG\crt_x64.msi

c:\documents and settings\All Users\Application Data\TEMP\AVG\files.dat

c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg

c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg

c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.dat

c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe

c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupcz.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupda.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupfr.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupge.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuphu.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupid.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupin.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupit.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupjp.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupko.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupms.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupnl.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppb.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppl.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppt.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupru.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsc.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsk.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsp.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuptr.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupus.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzh.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzt.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredis1.cab

c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredist.msi

c:\documents and settings\All Users\Menu Start\Programma's\Protected Search

c:\documents and settings\All Users\Menu Start\Programma's\Protected Search\Protected Search Settings.lnk

c:\documents and settings\User\Application Data\PriceGong

c:\documents and settings\User\Application Data\PriceGong\Data\1.txt

c:\documents and settings\User\Application Data\PriceGong\Data\1.xml

c:\documents and settings\User\Application Data\PriceGong\Data\1707.txt

c:\documents and settings\User\Application Data\PriceGong\Data\1728.txt

c:\documents and settings\User\Application Data\PriceGong\Data\2229.txt

c:\documents and settings\User\Application Data\PriceGong\Data\41.txt

c:\documents and settings\User\Application Data\PriceGong\Data\4489.txt

c:\documents and settings\User\Application Data\PriceGong\Data\6174.txt

c:\documents and settings\User\Application Data\PriceGong\Data\a.txt

c:\documents and settings\User\Application Data\PriceGong\Data\a.xml

c:\documents and settings\User\Application Data\PriceGong\Data\b.txt

c:\documents and settings\User\Application Data\PriceGong\Data\b.xml

c:\documents and settings\User\Application Data\PriceGong\Data\c.txt

c:\documents and settings\User\Application Data\PriceGong\Data\c.xml

c:\documents and settings\User\Application Data\PriceGong\Data\d.txt

c:\documents and settings\User\Application Data\PriceGong\Data\d.xml

c:\documents and settings\User\Application Data\PriceGong\Data\e.txt

c:\documents and settings\User\Application Data\PriceGong\Data\e.xml

c:\documents and settings\User\Application Data\PriceGong\Data\f.txt

c:\documents and settings\User\Application Data\PriceGong\Data\f.xml

c:\documents and settings\User\Application Data\PriceGong\Data\g.txt

c:\documents and settings\User\Application Data\PriceGong\Data\g.xml

c:\documents and settings\User\Application Data\PriceGong\Data\h.txt

c:\documents and settings\User\Application Data\PriceGong\Data\h.xml

c:\documents and settings\User\Application Data\PriceGong\Data\i.txt

c:\documents and settings\User\Application Data\PriceGong\Data\i.xml

c:\documents and settings\User\Application Data\PriceGong\Data\j.txt

c:\documents and settings\User\Application Data\PriceGong\Data\J.xml

c:\documents and settings\User\Application Data\PriceGong\Data\k.txt

c:\documents and settings\User\Application Data\PriceGong\Data\k.xml

c:\documents and settings\User\Application Data\PriceGong\Data\l.txt

c:\documents and settings\User\Application Data\PriceGong\Data\l.xml

c:\documents and settings\User\Application Data\PriceGong\Data\m.txt

c:\documents and settings\User\Application Data\PriceGong\Data\m.xml

c:\documents and settings\User\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\User\Application Data\PriceGong\Data\n.txt

c:\documents and settings\User\Application Data\PriceGong\Data\n.xml

c:\documents and settings\User\Application Data\PriceGong\Data\o.txt

c:\documents and settings\User\Application Data\PriceGong\Data\o.xml

c:\documents and settings\User\Application Data\PriceGong\Data\p.txt

c:\documents and settings\User\Application Data\PriceGong\Data\p.xml

c:\documents and settings\User\Application Data\PriceGong\Data\q.txt

c:\documents and settings\User\Application Data\PriceGong\Data\q.xml

c:\documents and settings\User\Application Data\PriceGong\Data\r.txt

c:\documents and settings\User\Application Data\PriceGong\Data\r.xml

c:\documents and settings\User\Application Data\PriceGong\Data\s.txt

c:\documents and settings\User\Application Data\PriceGong\Data\s.xml

c:\documents and settings\User\Application Data\PriceGong\Data\t.txt

c:\documents and settings\User\Application Data\PriceGong\Data\t.xml

c:\documents and settings\User\Application Data\PriceGong\Data\u.txt

c:\documents and settings\User\Application Data\PriceGong\Data\u.xml

c:\documents and settings\User\Application Data\PriceGong\Data\v.txt

c:\documents and settings\User\Application Data\PriceGong\Data\v.xml

c:\documents and settings\User\Application Data\PriceGong\Data\w.txt

c:\documents and settings\User\Application Data\PriceGong\Data\w.xml

c:\documents and settings\User\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\User\Application Data\PriceGong\Data\x.txt

c:\documents and settings\User\Application Data\PriceGong\Data\x.xml

c:\documents and settings\User\Application Data\PriceGong\Data\y.txt

c:\documents and settings\User\Application Data\PriceGong\Data\y.xml

c:\documents and settings\User\Application Data\PriceGong\Data\z.txt

c:\documents and settings\User\Application Data\PriceGong\Data\z.xml

c:\documents and settings\User\Local Settings\Application Data\SimplyTech\Toolbar

c:\documents and settings\User\Local Settings\Application Data\SimplyTech\Toolbar\settings.ini

c:\documents and settings\User\Local Settings\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll

c:\documents and settings\User\WINDOWS

C:\ipconfig.txt

c:\program files\DealPly

c:\program files\DealPly\DealPly.crx

c:\program files\DealPly\DealPlyUpdate.exe

c:\program files\DealPly\DealPlyUpdateRun.exe

c:\program files\DealPly\icon.ico

c:\program files\DealPly\sqlite3.dll

c:\program files\DealPly\uninst.exe

C:\Windows.bin

c:\windows\DXM147.tmp

c:\windows\DXM76.tmp

c:\windows\DXME4.tmp

c:\windows\EventSystem.log

c:\windows\IsUn0413.exe

c:\windows\system32\Cache

c:\windows\system32\Cache\1f411beed7132e5c.fb

c:\windows\system32\Cache\272512937d9e61a4.fb

c:\windows\system32\Cache\287204568329e189.fb

c:\windows\system32\Cache\28bc8f716fd76a47.fb

c:\windows\system32\Cache\2c53092c95605355.fb

c:\windows\system32\Cache\31a0997e9a5b5eb3.fb

c:\windows\system32\Cache\32c84fe32bb74d60.fb

c:\windows\system32\Cache\3917078cb68ec657.fb

c:\windows\system32\Cache\40dd869951023d2e.fb

c:\windows\system32\Cache\42152e57dfac73c9.fb

c:\windows\system32\Cache\590ba23ce359fd0c.fb

c:\windows\system32\Cache\610289e025a3ee9a.fb

c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

c:\windows\system32\Cache\6d03dad1035885d3.fb

c:\windows\system32\Cache\92430a0ea38a3a46.fb

c:\windows\system32\Cache\a8556537add6dfc5.fb

c:\windows\system32\Cache\ad10a52aff5e038d.fb

c:\windows\system32\Cache\c1fa887b03019701.fb

c:\windows\system32\Cache\c4d28dca2e7648be.fb

c:\windows\system32\Cache\d201ef9910cd39de.fb

c:\windows\system32\Cache\d2e94710a5708128.fb

c:\windows\system32\Cache\d79b9dfe81484ec4.fb

c:\windows\system32\Cache\ddb1b46c16e01114.fb

c:\windows\system32\Cache\e0de16f883bea794.fb

c:\windows\system32\Cache\f998975c9cc711ee.fb

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\muzapp.exe

c:\windows\system32\PowerToyReadme.htm

c:\windows\system32\roboot.exe

c:\windows\system32\SET976.tmp

c:\windows\system32\system

c:\windows\system32\tmp132.tmp

c:\windows\system32\tmp133.tmp

c:\windows\system32\tmp135.tmp

c:\windows\system32\tmp136.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\Tasks\Protected Search.job

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-02 to 2013-05-02 ))))))))))))))))))))))))))))))

.

.

2013-05-02 11:06 . 2013-05-02 11:22 -------- d-----w- c:\windows\system32\CatRoot_bak

2013-05-02 10:15 . 2013-05-02 10:15 -------- d-----w- c:\documents and settings\User\Application Data\DriverCure

2013-05-02 10:15 . 2013-05-02 10:15 -------- d-----w- c:\documents and settings\User\Application Data\SpeedyPC Software

2013-05-02 10:15 . 2013-05-02 10:15 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software

2013-05-02 10:14 . 2013-05-02 10:14 -------- d-----w- c:\program files\SpeedyPC Software

2013-05-02 09:30 . 2013-05-02 09:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-02 09:22 . 2013-05-02 09:22 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes

2013-05-02 09:22 . 2013-05-02 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2013-05-02 09:19 . 2013-05-02 09:19 -------- d-----w- c:\program files\backups

2013-04-30 06:14 . 2013-04-29 20:36 388608 ----a-w- c:\program files\HijackThis.exe

2013-04-26 09:00 . 2011-06-01 02:17 987904 ----a-r- c:\windows\system32\drivers\RTL8192cu.sys

2013-04-26 09:00 . 2013-04-26 09:00 -------- d-----w- c:\program files\Belkin

2013-04-24 19:31 . 2013-04-24 19:36 -------- d-----w- c:\program files\Speccy

2013-04-22 16:35 . 2012-08-23 09:31 32120 ----a-w- c:\windows\system32\TURegOpt.exe

2013-04-22 16:28 . 2013-04-22 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG

2013-04-22 16:24 . 2013-04-22 16:24 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-11 01:18 . 2011-04-04 22:59 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2013-03-14 09:18 . 2013-03-14 09:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-14 09:17 . 2013-03-14 09:20 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-03-14 09:17 . 2012-09-07 06:30 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-14 09:17 . 2010-05-09 07:42 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-13 17:11 . 2012-06-22 06:57 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-13 17:11 . 2011-05-23 08:51 73432 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-13 17:09 . 2013-03-13 17:09 15859416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-03-08 08:36 . 2008-04-15 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 15:56 . 2008-04-15 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 15:56 . 2008-04-14 22:11 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:08 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:08 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2013-03-02 02:08 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:58 . 2008-04-15 12:00 1867392 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2013-02-27 07:58 . 2008-11-24 10:33 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-12 00:32 . 2008-04-15 12:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 1804648]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-05 39408]

"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-06 21392]

"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-03-06 943504]

"GoogleChromeAutoLaunch_CB71CD92231E9EECFEEE72606F7F75DB"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-04-09 1312720]

"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2013-04-12 883032]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"ScreenPrint32"="c:\program files\ScreenPrint32 v3\ScreenPrint32.exe" [2003-05-15 446464]

"RTHDCPL"="RTHDCPL.EXE" [2008-07-03 16876032]

"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-03-06 3508624]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2011-02-03 2068480]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

.

c:\documents and settings\User\Menu Start\Programma's\Opstarten\

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 228448]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programma's^Opstarten^Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk]

path=c:\documents and settings\User\Menu Start\Programma's\Opstarten\Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk

backup=c:\windows\pss\Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnkStartup

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Spotify"="c:\documents and settings\User\Application Data\Spotify\Spotify.exe" /uri spotify:autostart

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

"Advanced System Protector_startup"="c:\program files\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16/03/2011 16:03 31952]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/01/2011 6:41 250080]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5/04/2011 0:59 302368]

R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [5/12/2012 4:44 2321560]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2/11/2012 4:51 5174392]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288]

R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [9/07/2012 22:28 935008]

R3 3xHybrid;Pinnacle PCTV 110i service;c:\windows\system32\drivers\3xHybrid.sys [18/12/2006 18:53 827008]

R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/07/2010 4:33 30944]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 142176]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232]

R3 RTL8192cu;%RTL8192cu.DeviceDesc%;c:\windows\system32\drivers\RTL8192cu.sys [26/04/2013 11:00 987904]

S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [25/04/2011 10:44 33536]

S3 ADM851x;ADMtek ADM8513 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\ADM851x.SYS [20/11/2008 18:01 26493]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [10/03/2012 11:10 30312]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [12/07/2011 12:45 167264]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/07/2010 4:33 30944]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S3 SQTECH9052;Disney Micro;c:\windows\system32\drivers\Capt9052.sys [28/01/2009 21:26 38656]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10/03/2012 11:10 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10/03/2012 11:10 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10/03/2012 11:10 136808]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [10/03/2012 11:10 114280]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [4/07/2012 15:26 10088]

S4 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [15/04/2008 14:00 14336]

S4 SAiDownloader;SAiDownloader;c:\windows\system32\SAiDownloader.exe [23/03/2010 11:49 438272]

S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [23/08/2012 11:31 1532280]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-11 10:36 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 17:12]

.

2013-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2013-04-20 c:\windows\Tasks\At1.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-04-21 c:\windows\Tasks\At2.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-04-22 c:\windows\Tasks\At3.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-04-21 c:\windows\Tasks\At4.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-05 07:14]

.

2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-05 07:14]

.

2013-04-23 c:\windows\Tasks\HP Photo Creations Communicator.job

- c:\documents and settings\All Users\Application Data\HP Photo Creations\Communicator.exe [2011-01-22 10:11]

.

2013-04-23 c:\windows\Tasks\HP Photo Creations Messager.job

- c:\documents and settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]

.

2013-04-13 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2013-05-02 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-10-15 c:\windows\Tasks\prismShakeIcon.job

- c:\program files\NCH Software\Prism\prism.exe [2011-04-08 13:41]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

.

.

------- Bestandsassociaties -------

.

.scr=AutoCADScriptFile

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

Toolbar-!{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

Toolbar-Locked - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

AddRemove-DealPly - c:\program files\DealPly\uninst.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe

AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe

AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe

AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-05-02 20:48

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1308)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(616)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\msdtc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\windows\system32\locator.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\SearchIndexer.exe

c:\windows\system32\wscntfy.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\windows\RTHDCPL.EXE

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

c:\program files\AVG\AVG2012\avgmfapx.exe

c:\program files\AVG\AVG2012\fixcfg.exe

.

**************************************************************************

.

Voltooingstijd: 2013-05-02 21:01:08 - machine werd herstart

ComboFix-quarantined-files.txt 2013-05-02 19:00

.

Pre-Run: 133.355.159.552 bytes beschikbaar

Post-Run: 133.990.928.384 bytes beschikbaar

.

- - End Of File - - 01D2BADED8D993A94FE97BC3E71E6756

ComboFix 13-05-01.03 - User 02/05/2013 20:22:50.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1022.386 [GMT 2:00]

Gestart vanuit: J:\ComboFix.exe

AV: AVG Internet Security 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}

FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\User\LOCALS~1\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\TEMP\AVG\avgfinst.dat

c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg

c:\documents and settings\All Users\Application Data\TEMP\AVG\crt_x64.msi

c:\documents and settings\All Users\Application Data\TEMP\AVG\files.dat

c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm

c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg

c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg

c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.dat

c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe

c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupcz.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupda.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupfr.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupge.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuphu.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupid.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupin.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupit.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupjp.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupko.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupms.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupnl.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppb.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppl.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuppt.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupru.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsc.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsk.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupsp.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setuptr.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupus.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzh.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\setupzt.lns

c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredis1.cab

c:\documents and settings\All Users\Application Data\TEMP\AVG\vcredist.msi

c:\documents and settings\All Users\Menu Start\Programma's\Protected Search

c:\documents and settings\All Users\Menu Start\Programma's\Protected Search\Protected Search Settings.lnk

c:\documents and settings\User\Application Data\PriceGong

c:\documents and settings\User\Application Data\PriceGong\Data\1.txt

c:\documents and settings\User\Application Data\PriceGong\Data\1.xml

c:\documents and settings\User\Application Data\PriceGong\Data\1707.txt

c:\documents and settings\User\Application Data\PriceGong\Data\1728.txt

c:\documents and settings\User\Application Data\PriceGong\Data\2229.txt

c:\documents and settings\User\Application Data\PriceGong\Data\41.txt

c:\documents and settings\User\Application Data\PriceGong\Data\4489.txt

c:\documents and settings\User\Application Data\PriceGong\Data\6174.txt

c:\documents and settings\User\Application Data\PriceGong\Data\a.txt

c:\documents and settings\User\Application Data\PriceGong\Data\a.xml

c:\documents and settings\User\Application Data\PriceGong\Data\b.txt

c:\documents and settings\User\Application Data\PriceGong\Data\b.xml

c:\documents and settings\User\Application Data\PriceGong\Data\c.txt

c:\documents and settings\User\Application Data\PriceGong\Data\c.xml

c:\documents and settings\User\Application Data\PriceGong\Data\d.txt

c:\documents and settings\User\Application Data\PriceGong\Data\d.xml

c:\documents and settings\User\Application Data\PriceGong\Data\e.txt

c:\documents and settings\User\Application Data\PriceGong\Data\e.xml

c:\documents and settings\User\Application Data\PriceGong\Data\f.txt

c:\documents and settings\User\Application Data\PriceGong\Data\f.xml

c:\documents and settings\User\Application Data\PriceGong\Data\g.txt

c:\documents and settings\User\Application Data\PriceGong\Data\g.xml

c:\documents and settings\User\Application Data\PriceGong\Data\h.txt

c:\documents and settings\User\Application Data\PriceGong\Data\h.xml

c:\documents and settings\User\Application Data\PriceGong\Data\i.txt

c:\documents and settings\User\Application Data\PriceGong\Data\i.xml

c:\documents and settings\User\Application Data\PriceGong\Data\j.txt

c:\documents and settings\User\Application Data\PriceGong\Data\J.xml

c:\documents and settings\User\Application Data\PriceGong\Data\k.txt

c:\documents and settings\User\Application Data\PriceGong\Data\k.xml

c:\documents and settings\User\Application Data\PriceGong\Data\l.txt

c:\documents and settings\User\Application Data\PriceGong\Data\l.xml

c:\documents and settings\User\Application Data\PriceGong\Data\m.txt

c:\documents and settings\User\Application Data\PriceGong\Data\m.xml

c:\documents and settings\User\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\User\Application Data\PriceGong\Data\n.txt

c:\documents and settings\User\Application Data\PriceGong\Data\n.xml

c:\documents and settings\User\Application Data\PriceGong\Data\o.txt

c:\documents and settings\User\Application Data\PriceGong\Data\o.xml

c:\documents and settings\User\Application Data\PriceGong\Data\p.txt

c:\documents and settings\User\Application Data\PriceGong\Data\p.xml

c:\documents and settings\User\Application Data\PriceGong\Data\q.txt

c:\documents and settings\User\Application Data\PriceGong\Data\q.xml

c:\documents and settings\User\Application Data\PriceGong\Data\r.txt

c:\documents and settings\User\Application Data\PriceGong\Data\r.xml

c:\documents and settings\User\Application Data\PriceGong\Data\s.txt

c:\documents and settings\User\Application Data\PriceGong\Data\s.xml

c:\documents and settings\User\Application Data\PriceGong\Data\t.txt

c:\documents and settings\User\Application Data\PriceGong\Data\t.xml

c:\documents and settings\User\Application Data\PriceGong\Data\u.txt

c:\documents and settings\User\Application Data\PriceGong\Data\u.xml

c:\documents and settings\User\Application Data\PriceGong\Data\v.txt

c:\documents and settings\User\Application Data\PriceGong\Data\v.xml

c:\documents and settings\User\Application Data\PriceGong\Data\w.txt

c:\documents and settings\User\Application Data\PriceGong\Data\w.xml

c:\documents and settings\User\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\User\Application Data\PriceGong\Data\x.txt

c:\documents and settings\User\Application Data\PriceGong\Data\x.xml

c:\documents and settings\User\Application Data\PriceGong\Data\y.txt

c:\documents and settings\User\Application Data\PriceGong\Data\y.xml

c:\documents and settings\User\Application Data\PriceGong\Data\z.txt

c:\documents and settings\User\Application Data\PriceGong\Data\z.xml

c:\documents and settings\User\Local Settings\Application Data\SimplyTech\Toolbar

c:\documents and settings\User\Local Settings\Application Data\SimplyTech\Toolbar\settings.ini

c:\documents and settings\User\Local Settings\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll

c:\documents and settings\User\WINDOWS

C:\ipconfig.txt

c:\program files\DealPly

c:\program files\DealPly\DealPly.crx

c:\program files\DealPly\DealPlyUpdate.exe

c:\program files\DealPly\DealPlyUpdateRun.exe

c:\program files\DealPly\icon.ico

c:\program files\DealPly\sqlite3.dll

c:\program files\DealPly\uninst.exe

C:\Windows.bin

c:\windows\DXM147.tmp

c:\windows\DXM76.tmp

c:\windows\DXME4.tmp

c:\windows\EventSystem.log

c:\windows\IsUn0413.exe

c:\windows\system32\Cache

c:\windows\system32\Cache\1f411beed7132e5c.fb

c:\windows\system32\Cache\272512937d9e61a4.fb

c:\windows\system32\Cache\287204568329e189.fb

c:\windows\system32\Cache\28bc8f716fd76a47.fb

c:\windows\system32\Cache\2c53092c95605355.fb

c:\windows\system32\Cache\31a0997e9a5b5eb3.fb

c:\windows\system32\Cache\32c84fe32bb74d60.fb

c:\windows\system32\Cache\3917078cb68ec657.fb

c:\windows\system32\Cache\40dd869951023d2e.fb

c:\windows\system32\Cache\42152e57dfac73c9.fb

c:\windows\system32\Cache\590ba23ce359fd0c.fb

c:\windows\system32\Cache\610289e025a3ee9a.fb

c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

c:\windows\system32\Cache\6d03dad1035885d3.fb

c:\windows\system32\Cache\92430a0ea38a3a46.fb

c:\windows\system32\Cache\a8556537add6dfc5.fb

c:\windows\system32\Cache\ad10a52aff5e038d.fb

c:\windows\system32\Cache\c1fa887b03019701.fb

c:\windows\system32\Cache\c4d28dca2e7648be.fb

c:\windows\system32\Cache\d201ef9910cd39de.fb

c:\windows\system32\Cache\d2e94710a5708128.fb

c:\windows\system32\Cache\d79b9dfe81484ec4.fb

c:\windows\system32\Cache\ddb1b46c16e01114.fb

c:\windows\system32\Cache\e0de16f883bea794.fb

c:\windows\system32\Cache\f998975c9cc711ee.fb

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\muzapp.exe

c:\windows\system32\PowerToyReadme.htm

c:\windows\system32\roboot.exe

c:\windows\system32\SET976.tmp

c:\windows\system32\system

c:\windows\system32\tmp132.tmp

c:\windows\system32\tmp133.tmp

c:\windows\system32\tmp135.tmp

c:\windows\system32\tmp136.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\Tasks\Protected Search.job

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-02 to 2013-05-02 ))))))))))))))))))))))))))))))

.

.

2013-05-02 11:06 . 2013-05-02 11:22 -------- d-----w- c:\windows\system32\CatRoot_bak

2013-05-02 10:15 . 2013-05-02 10:15 -------- d-----w- c:\documents and settings\User\Application Data\DriverCure

2013-05-02 10:15 . 2013-05-02 10:15 -------- d-----w- c:\documents and settings\User\Application Data\SpeedyPC Software

2013-05-02 10:15 . 2013-05-02 10:15 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software

2013-05-02 10:14 . 2013-05-02 10:14 -------- d-----w- c:\program files\SpeedyPC Software

2013-05-02 09:30 . 2013-05-02 09:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-02 09:22 . 2013-05-02 09:22 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes

2013-05-02 09:22 . 2013-05-02 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2013-05-02 09:19 . 2013-05-02 09:19 -------- d-----w- c:\program files\backups

2013-04-30 06:14 . 2013-04-29 20:36 388608 ----a-w- c:\program files\HijackThis.exe

2013-04-26 09:00 . 2011-06-01 02:17 987904 ----a-r- c:\windows\system32\drivers\RTL8192cu.sys

2013-04-26 09:00 . 2013-04-26 09:00 -------- d-----w- c:\program files\Belkin

2013-04-24 19:31 . 2013-04-24 19:36 -------- d-----w- c:\program files\Speccy

2013-04-22 16:35 . 2012-08-23 09:31 32120 ----a-w- c:\windows\system32\TURegOpt.exe

2013-04-22 16:28 . 2013-04-22 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG

2013-04-22 16:24 . 2013-04-22 16:24 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-04-11 01:18 . 2011-04-04 22:59 302368 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2013-03-14 09:18 . 2013-03-14 09:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-14 09:17 . 2013-03-14 09:20 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-03-14 09:17 . 2012-09-07 06:30 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-14 09:17 . 2010-05-09 07:42 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-13 17:11 . 2012-06-22 06:57 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-13 17:11 . 2011-05-23 08:51 73432 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-13 17:09 . 2013-03-13 17:09 15859416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-03-08 08:36 . 2008-04-15 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 15:56 . 2008-04-15 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 15:56 . 2008-04-14 22:11 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-02 02:08 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2013-03-02 02:08 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2013-03-02 02:08 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-03-02 01:58 . 2008-04-15 12:00 1867392 ----a-w- c:\windows\system32\win32k.sys

2013-03-02 01:08 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2013-02-27 07:58 . 2008-11-24 10:33 2067456 ----a-w- c:\windows\system32\mstscax.dll

2013-02-12 00:32 . 2008-04-15 12:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 1804648]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-05 39408]

"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-06 21392]

"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-03-06 943504]

"GoogleChromeAutoLaunch_CB71CD92231E9EECFEEE72606F7F75DB"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-04-09 1312720]

"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2013-04-12 883032]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"ScreenPrint32"="c:\program files\ScreenPrint32 v3\ScreenPrint32.exe" [2003-05-15 446464]

"RTHDCPL"="RTHDCPL.EXE" [2008-07-03 16876032]

"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-03-06 3508624]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2011-02-03 2068480]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

.

c:\documents and settings\User\Menu Start\Programma's\Opstarten\

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 228448]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^Documents and Settings^User^Menu Start^Programma's^Opstarten^Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk]

path=c:\documents and settings\User\Menu Start\Programma's\Opstarten\Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk

backup=c:\windows\pss\Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnkStartup

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Spotify"="c:\documents and settings\User\Application Data\Spotify\Spotify.exe" /uri spotify:autostart

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

"Advanced System Protector_startup"="c:\program files\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16/03/2011 16:03 31952]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7/01/2011 6:41 250080]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5/04/2011 0:59 302368]

R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [5/12/2012 4:44 2321560]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2/11/2012 4:51 5174392]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288]

R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [9/07/2012 22:28 935008]

R3 3xHybrid;Pinnacle PCTV 110i service;c:\windows\system32\drivers\3xHybrid.sys [18/12/2006 18:53 827008]

R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/07/2010 4:33 30944]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 142176]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232]

R3 RTL8192cu;%RTL8192cu.DeviceDesc%;c:\windows\system32\drivers\RTL8192cu.sys [26/04/2013 11:00 987904]

S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [25/04/2011 10:44 33536]

S3 ADM851x;ADMtek ADM8513 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\ADM851x.SYS [20/11/2008 18:01 26493]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [10/03/2012 11:10 30312]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [12/07/2011 12:45 167264]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/07/2010 4:33 30944]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S3 SQTECH9052;Disney Micro;c:\windows\system32\drivers\Capt9052.sys [28/01/2009 21:26 38656]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [10/03/2012 11:10 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [10/03/2012 11:10 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [10/03/2012 11:10 136808]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [10/03/2012 11:10 114280]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [4/07/2012 15:26 10088]

S4 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [15/04/2008 14:00 14336]

S4 SAiDownloader;SAiDownloader;c:\windows\system32\SAiDownloader.exe [23/03/2010 11:49 438272]

S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [23/08/2012 11:31 1532280]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-11 10:36 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 17:12]

.

2013-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2013-04-20 c:\windows\Tasks\At1.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-04-21 c:\windows\Tasks\At2.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-04-22 c:\windows\Tasks\At3.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-04-21 c:\windows\Tasks\At4.job

- c:\program files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16 10:01]

.

2013-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-05 07:14]

.

2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-05 07:14]

.

2013-04-23 c:\windows\Tasks\HP Photo Creations Communicator.job

- c:\documents and settings\All Users\Application Data\HP Photo Creations\Communicator.exe [2011-01-22 10:11]

.

2013-04-23 c:\windows\Tasks\HP Photo Creations Messager.job

- c:\documents and settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]

.

2013-04-13 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2013-05-02 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-10-15 c:\windows\Tasks\prismShakeIcon.job

- c:\program files\NCH Software\Prism\prism.exe [2011-04-08 13:41]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

.

.

------- Bestandsassociaties -------

.

.scr=AutoCADScriptFile

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

Toolbar-!{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

Toolbar-Locked - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

AddRemove-DealPly - c:\program files\DealPly\uninst.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe

AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe

AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe

AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-05-02 20:48

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1308)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(616)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\msdtc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\windows\system32\locator.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\SearchIndexer.exe

c:\windows\system32\wscntfy.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\windows\RTHDCPL.EXE

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

c:\program files\AVG\AVG2012\avgmfapx.exe

c:\program files\AVG\AVG2012\fixcfg.exe

.

**************************************************************************

.

Voltooingstijd: 2013-05-02 21:01:08 - machine werd herstart

ComboFix-quarantined-files.txt 2013-05-02 19:00

.

Pre-Run: 133.355.159.552 bytes beschikbaar

Post-Run: 133.990.928.384 bytes beschikbaar

.

- - End Of File - - 01D2BADED8D993A94FE97BC3E71E6756

aangepast door kape
dubbellog verwijderd
Link naar reactie
Delen op andere sites

Gisterenavond nog eens internet geprobeerd. Ineens werkt het terug. De computer is nog wel steeds traag maar alles schijnt te werken. Moet ik nog iets aanpassen aan de computer, of kan ik zo veilig verder werken?

Link naar reactie
Delen op andere sites

Combofix heeft behoorlijk werk geleverd en - nu je internet OK is - kunnen we best eerst even wat gaan opruimen.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /).

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download AdwCleaner by Xplode naar je bureaublad.

Sluit alle openstaande vensters.

  • Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
  • Voor XP: Gewoon dubbelklikken op AdwCleaner.
  • Klik vervolgens op Verwijderen.
  • Klik bij AdwCleaner – Informatie op OK
  • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht.

Link naar reactie
Delen op andere sites

# AdwCleaner v2.300 - Verslag gemaakt op 06/05/2013 om 16:29:41

# Geactualiseerd op 28/04/2013 door Xplode

# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)

# Gebruiker : User - GEZINSCOMPUTER

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Documents and Settings\User\Bureaublad\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

Gestopt & Verwijdert : vToolbarUpdater11.2.0

***** [Files / Mappen] *****

File Verwijdert : C:\END

File Verwijdert : C:\user.js

File Verwijdert : C:\WINDOWS\system32\conduitEngine.tmp

Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Ask

Map Verwijdert : C:\Documents and Settings\All Users\Application Data\AVG Secure Search

Map Verwijdert : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

Map Verwijdert : C:\Documents and Settings\All Users\Application Data\boost_interprocess

Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Viewpoint

Map Verwijdert : C:\Documents and Settings\All Users\Menu Start\Programma's\Advanced System Protector

Map Verwijdert : C:\Documents and Settings\All Users\Menu Start\Programma's\DealPly

Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\DVDVideoSoftTB

Map Verwijdert : C:\Documents and Settings\User\Application Data\AVG Secure Search

Map Verwijdert : C:\Documents and Settings\User\Application Data\DealPly

Map Verwijdert : C:\Documents and Settings\User\Application Data\dvdvideosoftiehelpers

Map Verwijdert : C:\Documents and Settings\User\Application Data\OpenCandy

Map Verwijdert : C:\Documents and Settings\User\Application Data\searchquband

Map Verwijdert : C:\Documents and Settings\User\Application Data\Softonic

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\APN

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\AVG Secure Search

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\Conduit

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\DVDVideoSoftTB

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\Ilivid Player

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\PackageAware

Map Verwijdert : C:\Documents and Settings\User\Local Settings\Application Data\simplytech

Map Verwijdert : C:\Program Files\Ask.com

Map Verwijdert : C:\Program Files\AVG Secure Search

Map Verwijdert : C:\Program Files\Common Files\AVG Secure Search

Map Verwijdert : C:\Program Files\Common Files\DVDVideoSoft\TB

Map Verwijdert : C:\Program Files\Conduit

Map Verwijdert : C:\Program Files\DVDVideoSoftTB

Map Verwijdert : C:\Program Files\Ilivid

Map Verwijdert : C:\Program Files\Protected Search

Map Verwijdert : C:\Program Files\Softonic

Map Verwijdert : C:\Program Files\Viewpoint

Verwijdert bij het opstarten : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2

Sleutel Verwijdert : HKCU\Software\AVG Secure Search

Sleutel Verwijdert : HKCU\Software\AVG Security Toolbar

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\ConduitSearchScopes

Sleutel Verwijdert : HKCU\Software\DealPly

Sleutel Verwijdert : HKCU\Software\DVDVideoSoftTB

Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Sleutel Verwijdert : HKCU\Software\IM

Sleutel Verwijdert : HKCU\Software\ImInstaller

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

Sleutel Verwijdert : HKCU\Software\ProtectedSearch

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKCU\Toolbar

Sleutel Verwijdert : HKLM\Software\AVG Secure Search

Sleutel Verwijdert : HKLM\Software\AVG Security Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Conduit.Engine

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SoftonicApp.appCore

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2088433

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2269050

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2724386

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\Software\DealPly

Sleutel Verwijdert : HKLM\Software\DVDVideoSoftTB

Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Sleutel Verwijdert : HKLM\Software\ImInstaller

Sleutel Verwijdert : HKLM\Software\MetaStream

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60C61E51-3FD9-40B3-9E41-4FFCBACE9ABF}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7AADBCF-0DC1-43A7-BC05-5E699A78FCF0}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF

Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic

Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Sleutel Verwijdert : HKLM\Software\Softonic

Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [17512 octets] - [06/05/2013 16:29:41]

########## EOF - C:\AdwCleaner[s1].txt - [17573 octets] ##########

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.