
Monstermarketplace problem



Dear kape,

Below is the log from the last run.

Kind regards,

Aquaman

ComboFix 13-07-24.03 - Luce 25/07/2013 10:08:38.2.2 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1033.18.2038.933 [GMT 2:00]

Gestart vanuit: c:\users\Luce\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Luce\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\LyricsSpeaker

c:\program files\LyricsSpeaker\120.crx

c:\program files\LyricsSpeaker\120.dat

c:\program files\LyricsSpeaker\120.xpi

c:\program files\LyricsSpeaker\chrome.manifest

c:\program files\LyricsSpeaker\sqlite3.dll

c:\program files\LyricsSpeaker\Uninstall.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-06-25 to 2013-07-25 ))))))))))))))))))))))))))))))

.

.

2013-07-25 08:19 . 2013-07-25 08:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-25 08:19 . 2013-07-25 08:19 -------- d-----w- c:\users\Bart & Leen\AppData\Local\temp

2013-07-25 08:19 . 2013-07-25 08:19 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2013-07-25 07:02 . 2013-07-25 07:02 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{849688D2-5F20-46EC-8DEB-95EA3A15CBB2}\offreg.dll

2013-07-24 05:18 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{849688D2-5F20-46EC-8DEB-95EA3A15CBB2}\mpengine.dll

2013-07-23 21:01 . 2013-05-08 05:07 1571160 ------w- c:\windows\TotalUninstaller.exe

2013-07-23 21:01 . 2013-07-23 21:01 -------- d-----w- c:\program files\Samsung

2013-07-23 08:40 . 2013-07-23 08:40 388096 ----a-r- c:\users\Luce\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-07-23 08:40 . 2013-07-23 08:40 -------- d-----w- c:\program files\Trend Micro

2013-07-22 20:58 . 2013-07-22 20:58 -------- d-----w- c:\users\Bart & Leen\AppData\Local\Microsoft Help

2013-07-13 21:34 . 2013-07-13 21:37 -------- d-----w- c:\windows\system32\MRT

2013-07-12 04:51 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll

2013-07-12 04:51 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-12 04:51 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll

2013-07-12 04:51 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-07-12 04:51 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-12 04:51 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-07-12 04:51 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-07-12 04:51 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-07-12 04:51 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-07-12 04:51 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll

2013-07-12 04:51 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll

2013-07-11 09:14 . 2013-07-11 09:20 -------- d-----w- c:\users\Bart & Leen\AppData\Roaming\vlc

2013-07-03 21:08 . 2013-07-03 21:12 -------- d-----r- c:\users\Luce\Copy

2013-07-03 21:07 . 2013-07-04 18:04 -------- d-sh--w- c:\windows\system32\AI_RecycleBin

2013-07-03 21:05 . 2013-07-23 09:37 -------- d-----w- c:\users\Luce\AppData\Roaming\Copy

2013-06-25 17:11 . 2013-06-26 16:36 -------- d-----w- c:\program files\Mozilla Thunderbird

2013-06-25 16:22 . 2013-06-25 16:22 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-22 16:26 . 2012-04-03 16:20 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-07-22 16:26 . 2011-05-19 17:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-27 19:22 . 2013-03-16 13:27 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-06-27 19:22 . 2012-05-28 10:45 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-06-27 19:22 . 2010-05-03 19:10 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-06-25 16:22 . 2012-05-22 19:06 867240 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-06-25 16:22 . 2012-01-31 11:21 789416 ----a-w- c:\windows\system32\deployJava1.dll

2013-06-21 11:32 . 2013-06-21 11:32 212600 ----a-w- c:\windows\system32\SBuySupplies.exe

2013-06-21 11:32 . 2013-04-25 08:30 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sst6cpc.dll

2013-05-13 04:45 . 2013-06-13 16:47 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-05-13 04:45 . 2013-06-13 16:47 1160192 ----a-w- c:\windows\system32\crypt32.dll

2013-05-13 04:45 . 2013-06-13 16:47 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-05-13 03:08 . 2013-06-13 16:47 903168 ----a-w- c:\windows\system32\certutil.exe

2013-05-13 03:08 . 2013-06-13 16:47 43008 ----a-w- c:\windows\system32\certenc.dll

2013-05-10 18:37 . 2010-04-17 17:38 249856 ------w- c:\windows\Setup1.exe

2013-05-10 18:37 . 2010-04-17 17:38 73216 ----a-w- c:\windows\ST6UNST.EXE

2013-05-10 03:20 . 2013-06-13 16:46 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-05-09 08:59 . 2013-03-16 13:27 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-05-09 08:59 . 2012-05-28 10:45 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-05-09 08:59 . 2010-05-03 19:10 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-05-09 08:59 . 2010-05-03 19:10 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-05-09 08:59 . 2010-05-03 19:10 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-05-09 08:58 . 2010-06-29 15:24 41664 ----a-w- c:\windows\avastSS.scr

2013-05-09 08:58 . 2010-05-03 19:10 229648 ----a-w- c:\windows\system32\aswBoot.exe

2013-05-09 07:12 . 2012-06-19 19:08 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-08 05:38 . 2013-06-13 16:46 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-06 05:06 . 2013-06-13 16:46 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-05-06 05:06 . 2013-06-13 16:46 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-05-06 00:48 . 2013-05-11 13:33 17408 ----a-w- c:\windows\Launcher.exe

2013-05-02 00:06 . 2009-11-28 15:37 238872 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1aCopyShExtError]

@="{83BEA36E-7680-4598-A4DF-994426F6E78D}"

[HKEY_CLASSES_ROOT\CLSID\{83BEA36E-7680-4598-A4DF-994426F6E78D}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2aCopyShExtSynced]

@="{845B7388-6F85-4F32-9FD5-F02DC7882B89}"

[HKEY_CLASSES_ROOT\CLSID\{845B7388-6F85-4F32-9FD5-F02DC7882B89}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3aCopyShExtSyncing]

@="{F6378A7A-F753-449B-AE1B-997A96132E61}"

[HKEY_CLASSES_ROOT\CLSID\{F6378A7A-F753-449B-AE1B-997A96132E61}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4aCopyShExtSyncingProg1]

@="{3A511828-777D-46F8-82F4-5B530C1B3D9E}"

[HKEY_CLASSES_ROOT\CLSID\{3A511828-777D-46F8-82F4-5B530C1B3D9E}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5aCopyShExtSyncingProg2]

@="{C8C88204-5B14-40EC-BA72-8AEBC762047E}"

[HKEY_CLASSES_ROOT\CLSID\{C8C88204-5B14-40EC-BA72-8AEBC762047E}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6aCopyShExtSyncingProg3]

@="{ACFF45C3-3EEB-4351-86C2-6696BA264239}"

[HKEY_CLASSES_ROOT\CLSID\{ACFF45C3-3EEB-4351-86C2-6696BA264239}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7aCopyShExtSyncingProg4]

@="{29AF997F-488B-46F0-AE78-7146F1B89CC3}"

[HKEY_CLASSES_ROOT\CLSID\{29AF997F-488B-46F0-AE78-7146F1B89CC3}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8aCopyShExtSyncingProg5]

@="{03F9AD29-1C78-4B66-8890-B177B5430C53}"

[HKEY_CLASSES_ROOT\CLSID\{03F9AD29-1C78-4B66-8890-B177B5430C53}]

2013-07-04 18:04 3086336 ----a-w- c:\users\Luce\AppData\Roaming\Copy\overlay\CopyShExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-04-24 17:59 130736 ----a-w- c:\users\Luce\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-04-24 17:59 130736 ----a-w- c:\users\Luce\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-04-24 17:59 130736 ----a-w- c:\users\Luce\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-12-22 362432]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Copy"="c:\users\Luce\AppData\Roaming\Copy\CopyAgent.exe" [2013-07-17 13267600]

.

c:\users\Luce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Luce\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]

EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2013-1-10 1078624]

Stickies.lnk - c:\program files\Stickies\stickies.exe [2013-3-27 1134592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk

backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Luce^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk]

path=c:\users\Luce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2010 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]

2008-04-23 01:08 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]

2011-05-23 11:36 2068480 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]

2012-07-12 08:14 138096 ----atw- c:\users\Luce\AppData\Local\Facebook\Update\FacebookUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2008-02-27 11:03 570664 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Packard Bell Software Suite]

2009-10-01 06:36 3144736 ----a-w- c:\program files\Packard Bell\Software Suite\PBSoftSuite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Suite]

2009-10-01 06:36 3144736 ----a-w- c:\program files\Packard Bell\Software Suite\PBSoftSuite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

2006-03-30 15:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

.

R1 MpKsl148f2eef;MpKsl148f2eef;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{85DBA74C-6511-4122-AA75-2EEDAF3A76DC}\MpKsl148f2eef.sys [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2009-12-15 37632]

R3 cpuz135;cpuz135;c:\program files\CPUID\PC Wizard 2012\pcwiz_x32.sys [2012-08-11 24880]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 83168]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]

R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 181344]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R4 MyScrapNook_12Service;My Scrap NookService;c:\progra~1\MYSCRA~2\bar\1.bin\12barsvc.exe [x]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2011-06-29 66776]

S1 NEOFLTR_700_16899;Juniper Networks TDI Filter Driver (NEOFLTR_700_16899);c:\windows\system32\Drivers\NEOFLTR_700_16899.SYS [2010-10-23 84336]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]

S2 PowerSave;PowerSave Service;c:\program files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe [2009-04-06 1002016]

S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2011-08-10 5120]

S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

Inhoud van de 'Gedeelde Taken' map

.

2013-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 16:26]

.

2013-07-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3323627426-1777380327-1123927095-1001Core.job

- c:\users\Luce\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-28 08:14]

.

2013-07-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3323627426-1777380327-1123927095-1001UA.job

- c:\users\Luce\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-28 08:14]

.

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com

IE: &Verzenden naar OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Nieuwe notitie - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html

IE: Toevoegen aan Evernote 4 - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html

Trusted Zone: fortis.com\PC Helpforum - Gratis hulp bij computer problemen

TCP: DhcpNameServer = 195.130.131.1 195.130.130.129

FF - ProfilePath - c:\users\Luce\AppData\Roaming\Mozilla\Firefox\Profiles\ukec3ixn.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/calendar/render?pli=1&gsessionid=6vVdNTGRbIVUtlBQx_9RsQ|iGoogle

FF - ExtSQL: 2013-06-01 09:09; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Luce\AppData\Roaming\Mozilla\Firefox\Profiles\ukec3ixn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-07-08 22:46; lspeaker@lyricsspeaker.net; c:\program files\LyricsSpeaker\120.xpi

.

- - - - ORPHANS VERWIJDERD - - - -

.

MSConfigStartUp-Belkin Storage Manager - c:\program files\Belkin Storage Manager\StorageManager.exe

MSConfigStartUp-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe

MSConfigStartUp-ROC_roc_ssl_v12 - c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe

MSConfigStartUp-snpstd - c:\windows\vsnpstd.exe

AddRemove-lspeaker@lyricsspeaker.net - c:\program files\LyricsSpeaker\uninstall.exe

AddRemove-{B1CCE550-E1E2-11DB-6784-000B892018BE} - c:\program files\IQNotes\Uninst_iQ-Notes .exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-07-25 10:21:17

ComboFix-quarantined-files.txt 2013-07-25 08:21

ComboFix2.txt 2013-07-24 06:19

.

Pre-Run: 80.624.447.488 bytes beschikbaar

Post-Run: 89.264.340.992 bytes beschikbaar

.

- - End Of File - - 90641E85F5B2D37197EAA126AC187226

A36C5E4F47E84449FF07ED3517B43A31

Edited by Aquaman