
Lag spikes during multigaming + possible malware


Dredg


Hey,

I have had the following problems since I bought my new laptop a month ago.

I have a constant ping of 250-300, and every 5 minutes my screen freezes and my ping goes to 999. I get this in both Medal Of Honor: Allied Assault and Call Of Duty 2.

Since my brother is on the same network (wireless Wi-Fi) and has no problems, I assume it is down to my laptop.

My drivers are up to date (I think).

Another point is that I keep getting google.be.trusted.offers (unwanted ads) and now and then things from iLIVID... I have already scanned with AVIRA and Malwarebytes, but they find nothing.

It is not down to my MOHAA configs, since I have already tried various commands:

snaps 30

cl_maxpackets 60

rate 35000

cl_nodelta 1

cl_packetdup 1

Also, nothing seems to be using an enormous amount of CPU?

My specs:

afbeelding002_zpsf31104c9.jpg

afbeelding004_zps88fc4b0e.jpg

afbeelding003_zpsf66cb916.jpg

Exactly which kind of cable do I need to turn my wireless connection into a wired one for a moment? Do I run it from my laptop to the router or to the modem?

Edited by Dredg

@ Dredg,

Welcome to PCH!

Another point is that I keep getting google.be.trusted.offers (unwanted ads) and now and then things from iLIVID...

We will first check whether malware or viruses are the cause of your problem.

1. Download HijackThis. (click on it)

The download starts automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "run".

HijackThis is now installed on your PC, and a shortcut is placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only work in safe mode, you need to download the executable (HijackThis.exe). You can do that HERE.

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from that folder. You will then also find the logs in that folder.


2. Click the shortcut to start HijackThis. (first read the red text below!)

Click either "Do a systemscan and save a logfile", or first "Scan" and then "Savelog".

A Notepad window opens. Hold down the CTRL and A keys together; everything is now selected. Hold down the CTRL and C keys together; everything is now copied. Now paste the HJT log into your post with the CTRL and V keys.

If you get the message "For some reason your system denied writing to the Host file ....", just click OK to continue.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If that does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the picture here ---> Click here)


3. After you have posted your log, an expert will check it and guide you through the whole process.

Tip!

If you want to see in words and pictures how to make a log with HijackThis and post it on the forum, click HERE.

P.S. If you take a screenshot, take a screenshot of the active window only. The screenshot in your first post cannot be read.

Edited by iEscape

Hey,

Here is my log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:05:03, on 27/07/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Xfire\Xfire.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Kenny\AppData\Local\DefineExt\temp.dat

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O4 - HKLM\..\Run: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [Driver Restore] C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe /applicationMode:systemTray /showWelcome:false

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: @oem28.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11018 bytes


Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Kenny\AppData\Local\DefineExt\temp.dat

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If that does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Then click Delete (Verwijderen).
  • At AdwCleaner – Information, click OK.
  • At AdwCleaner – Restart Required, click OK.

It is normal for the shortcuts to disappear during this action.

After the PC has restarted, a log file opens.

Then post the contents of this log in your next post, together with a new HijackThis log.


# AdwCleaner v2.306 - Verslag gemaakt op 27/07/2013 om 15:50:01

# Geactualiseerd op 19/07/2013 door Xplode

# Besturingssysteem : Windows 8 (64 bits)

# Gebruiker : Kenny - DREDG

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Kenny\Downloads\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Verwijderd : C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Verwijderd bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\Softonic

Sleutel Verwijderd : HKLM\Software\AVG Security Toolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [4448 octets] - [27/07/2013 15:50:01]

########## EOF - C:\AdwCleaner[s1].txt - [4508 octets] ##########

Here is my log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:54:50, on 27/07/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Kenny\AppData\Local\DefineExt\temp.dat (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [Driver Restore] C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe /applicationMode:systemTray /showWelcome:false

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: @oem28.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10411 bytes


This is one more that you missed with HijackThis. Please fix it again:

O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Kenny\AppData\Local\DefineExt\temp.dat (file missing)

Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software in use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are now unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start by itself; in the blue screen you can see the progress of the system scan being run.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


Almost certain that I had ticked that line as well...

Here is the txt from ComboFix

ComboFix 13-07-27.01 - Kenny 27/07/2013 21:02:29.1.8 - x64

Microsoft Windows 8 6.2.9200.0.1252.32.1043.18.8084.5992 [GMT 2:00]

Gestart vanuit: c:\users\Kenny\Downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Kenny\AppData\Local\assembly\tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-06-27 to 2013-07-27 ))))))))))))))))))))))))))))))

.

.

2013-07-27 19:06 . 2013-07-27 19:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-27 15:21 . 2013-07-27 15:21 -------- d-----w- c:\programdata\D-Link

2013-07-27 15:19 . 2012-02-10 14:36 986728 ----a-w- c:\windows\system32\drivers\rtwlanu.sys

2013-07-27 13:50 . 2013-07-27 13:50 121 ----a-w- c:\windows\DeleteOnReboot.bat

2013-07-27 09:59 . 2013-07-27 09:59 -------- d-----w- c:\program files (x86)\Trend Micro

2013-07-27 08:30 . 2013-07-27 08:30 289968 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10211.bin

2013-07-27 07:53 . 2013-07-27 07:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-07-27 07:53 . 2013-07-27 07:53 -------- d-----w- c:\programdata\Malwarebytes

2013-07-27 07:53 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-07-25 10:02 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll

2013-07-25 10:02 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll

2013-07-25 10:02 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll

2013-07-25 10:02 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll

2013-07-25 10:02 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll

2013-07-25 10:02 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll

2013-07-24 18:22 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll

2013-07-24 18:22 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll

2013-07-24 18:14 . 2013-07-24 18:13 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys

2013-07-24 18:14 . 2013-07-24 18:13 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2013-07-24 18:14 . 2013-07-24 18:13 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys

2013-07-24 18:14 . 2013-07-24 18:14 -------- d-----w- c:\programdata\Avira

2013-07-24 18:14 . 2013-07-24 18:14 -------- d-----w- c:\program files (x86)\Avira

2013-07-24 18:14 . 2013-07-24 18:13 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2013-07-21 15:52 . 2013-07-21 15:52 -------- d-sh--w- c:\windows\ftpcache

2013-07-21 15:42 . 2013-07-21 15:42 -------- d-----w- c:\program files (x86)\Activision

2013-07-20 20:28 . 2013-07-20 20:28 -------- d-----w- c:\program files (x86)\Xfire

2013-07-20 17:57 . 2013-07-20 17:57 -------- d-----w- c:\program files (x86)\AMD APP

2013-07-20 17:55 . 2013-07-20 17:55 -------- d-----w- C:\AMD

2013-07-20 17:42 . 2013-07-20 17:42 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2013-07-19 23:38 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll

2013-07-10 16:00 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll

2013-07-10 16:00 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll

2013-07-10 16:00 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-07-10 16:00 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll

2013-07-10 16:00 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-07-10 16:00 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-07-10 16:00 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-10 15:59 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys

2013-07-10 15:59 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll

2013-07-10 15:59 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll

2013-07-10 15:59 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-07-10 15:59 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-07-10 15:57 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-10 15:57 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2013-07-07 15:56 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll

2013-07-07 15:56 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll

2013-07-07 15:56 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL

2013-07-07 15:56 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL

2013-07-07 15:56 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll

2013-07-07 15:56 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll

2013-07-07 15:56 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-07-07 15:56 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll

2013-07-07 15:56 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll

2013-07-07 15:56 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-07-07 15:55 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll

2013-07-07 15:55 . 2012-10-11 07:47 793200 ----a-w- c:\windows\system32\mfplat.dll

2013-07-07 15:55 . 2012-10-11 05:46 1395712 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll

2013-07-07 15:55 . 2012-10-11 05:45 579584 ----a-w- c:\windows\system32\StructuredQuery.dll

2013-07-07 15:55 . 2012-10-11 05:44 1265152 ----a-w- c:\windows\system32\lsasrv.dll

2013-07-07 15:55 . 2012-10-11 05:07 1226752 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll

2013-07-07 15:53 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll

2013-07-07 06:19 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll

2013-07-07 05:57 . 2013-07-07 05:57 -------- d-----w- c:\users\Public\CyberLink

2013-07-06 20:51 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-06 20:51 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-07-06 20:43 . 2013-07-07 05:56 -------- d-----r- c:\windows\BrowserChoice

2013-07-06 20:23 . 2013-07-06 20:23 -------- d-----w- C:\sources

2013-07-06 18:53 . 2013-07-06 18:53 495856 ----a-w- c:\windows\system32\drivers\SynTP.sys

2013-07-06 18:53 . 2013-07-06 18:53 264432 ----a-w- c:\windows\system32\SynTPAPI.dll

2013-07-06 18:53 . 2013-07-06 18:53 192240 ----a-w- c:\windows\system32\SynTPCo18.dll

2013-07-06 18:53 . 2013-07-06 18:53 151280 ----a-w- c:\windows\SysWow64\SynTPCom.dll

2013-07-06 18:53 . 2013-07-06 18:53 544496 ----a-w- c:\windows\SysWow64\SynCom.dll

2013-07-06 18:53 . 2013-07-06 18:53 1060080 ----a-w- c:\windows\system32\SynCOM.dll

2013-07-06 18:53 . 2013-07-06 18:53 33008 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys

2013-07-06 11:24 . 2013-07-06 11:24 -------- d-----w- c:\program files (x86)\VideoLAN

2013-07-06 11:13 . 2013-07-27 07:49 -------- d-----w- c:\program files (x86)\MyPC Backup

2013-07-06 10:56 . 2013-07-10 16:50 78185248 ----a-w- c:\windows\system32\MRT.exe

2013-07-05 19:02 . 2013-07-05 19:02 -------- d-----w- c:\programdata\ATI

2013-07-05 18:53 . 2013-07-05 18:57 -------- d-----w- c:\program files\ATI Technologies

2013-07-05 18:51 . 2013-07-05 18:51 -------- d-----w- c:\program files (x86)\GrabIt

2013-07-05 18:25 . 2013-07-05 18:25 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-07-05 18:25 . 2013-07-05 18:25 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-07-05 18:25 . 2013-07-05 18:25 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-07-05 18:25 . 2013-07-05 18:25 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-05 18:25 . 2013-07-05 18:25 -------- d-----w- c:\program files (x86)\Java

2013-07-05 18:00 . 2013-07-05 18:00 -------- d-----w- c:\program files (x86)\HP

2013-07-05 17:55 . 2013-07-05 17:55 -------- d-----w- c:\programdata\UAB

2013-07-05 17:55 . 2013-07-05 17:55 -------- d-----w- c:\programdata\Driver Restore

2013-07-05 17:53 . 2013-07-05 17:53 -------- d-----w- c:\program files (x86)\Driver Restore

2013-07-05 17:42 . 2006-02-03 06:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll

2013-07-05 17:31 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll

2013-07-05 17:31 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe

2013-07-05 17:31 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe

2013-07-05 17:31 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll

2013-07-05 17:31 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll

2013-07-05 17:26 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

2013-07-05 17:25 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll

2013-07-05 17:21 . 2013-03-02 02:43 1933312 ----a-w- c:\windows\system32\wbem\cimwin32.dll

2013-07-05 17:20 . 2013-04-09 04:51 14267904 ----a-w- c:\windows\system32\wmp.dll

2013-07-05 17:19 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-07-05 17:18 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe

2013-07-05 17:18 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll

2013-07-05 17:18 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe

2013-07-05 17:18 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll

2013-07-05 17:18 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll

2013-07-05 17:18 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll

2013-07-05 17:18 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll

2013-07-05 17:18 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll

2013-07-05 17:18 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll

2013-07-05 17:18 . 2013-05-23 23:01 1300992 ----a-w- c:\windows\system32\gdi32.dll

2013-07-05 17:18 . 2013-05-23 22:27 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll

2013-07-05 17:16 . 2013-02-02 05:41 1437184 ----a-w- c:\windows\SysWow64\GdiPlus.dll

2013-07-05 17:15 . 2013-04-28 22:28 915968 ----a-w- c:\windows\system32\uxtheme.dll

2013-07-05 17:10 . 2013-07-20 20:29 -------- d-----w- c:\programdata\Xfire

2013-07-05 17:10 . 2013-07-05 17:09 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-07-05 17:10 . 2013-07-05 17:10 -------- d-----w- c:\programdata\AVG SafeGuard toolbar

2013-07-05 17:10 . 2013-07-27 13:50 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2013-07-05 17:10 . 2013-07-05 17:10 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar

2013-07-05 16:48 . 2013-07-05 16:49 -------- d-----w- c:\program files (x86)\Google

2013-07-05 16:45 . 2013-07-05 16:45 -------- d-----w- c:\program files\EA GAMES

2013-07-05 16:43 . 2013-07-21 15:41 -------- d-----w- c:\program files (x86)\Common Files\InstallShield

2013-07-05 16:39 . 2013-07-05 16:39 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-07-05 16:39 . 2013-07-05 16:39 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-07-03 17:09 . 2013-07-24 18:06 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2013-07-03 16:45 . 2013-07-05 18:02 -------- d-----w- c:\users\Kenny

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-06 19:38 . 2012-12-28 07:26 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2013-07-06 19:38 . 2012-12-28 07:26 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2013-07-06 19:38 . 2012-12-28 07:26 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll

2013-07-03 16:45 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-07-05 18:02 222832 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-07-05 18:02 222832 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-07-05 18:02 222832 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Driver Restore"="c:\program files (x86)\Driver Restore\Driver Restore\DriverRestore.exe" [2013-06-25 3967352]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2012-09-19 371976]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024]

"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-04 642216]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-24 345144]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableCursorSuppression"= 1 (0x1)

"ConsentPromptBehaviorUser"= 3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R3 getbus;getbus;c:\users\Kenny\AppData\Local\Temp\getbus.sys;c:\users\Kenny\AppData\Local\Temp\getbus.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]

R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]

R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]

R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]

R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]

R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]

S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]

S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 AntiVirSchedulerService;Avira Planner;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

S2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technologie;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]

S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]

S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]

S3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]

S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x]

S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]

S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

apphost REG_MULTI_SZ apphostsvc

iissvcs REG_MULTI_SZ w3svc was

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-07-13 07:58 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-05 16:48]

.

2013-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-05 16:48]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-07-05 18:02 261744 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-07-05 18:02 261744 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-07-05 18:02 261744 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-20 1664000]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-04 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-04 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-04 441888]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 195.130.131.1 195.130.130.129

.

- - - - ORPHANS VERWIJDERD - - - -

.

BHO-{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - c:\users\Kenny\AppData\Local\DefineExt\temp.dat

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

@SACL=(02 0000)

.

Voltooingstijd: 2013-07-27 21:09:59

ComboFix-quarantined-files.txt 2013-07-27 19:09

.

Pre-Run: 398 092 492 800 bytes free

Post-Run: 398 395 719 680 bytes free

.

- - End Of File - - 2E9F45A4D59E57724B3B18DF4ABC9351

D41D8CD98F00B204E9800998ECF8427E


Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

Disable all antivirus and antispyware programs, because they can conflict with ComboFix.

You can read (here or here) how to disable the security software you use.

Open a new empty Notepad window, then copy and paste the following code into it.

 
Folder::
C:\Users\Kenny\AppData\Local\DefineExt
C:\Program Files (x86)\Common Files\AVG Secure Search
c:\program files (x86)\MyPC Backup
c:\programdata\AVG SafeGuard toolbar
c:\program files (x86)\AVG SafeGuard toolbar

Driver::
getbus
vToolbarUpdater15.3.0  

Save this on your Desktop as CFScript.txt

Drag CFScript.txt onto ComboFix.exe as shown in the example below:

CFScript.gif

ComboFix will now start automatically.

Restart if asked to, and post the contents of Combofix.txt in your next reply.

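One way to pre-screen logs like the ones in this thread, as an added example that is not part of the original posts or of HijackThis/ComboFix: it parses HijackThis O2/O23 lines and ComboFix driver/service lines and flags entries whose image sits in a user profile or temp directory, or whose registration points at a missing file outside the Windows directory. The field layout and the three heuristics are assumptions inferred from the log lines quoted above; the sample lines are copied from those logs.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Sample input: lines copied from the HijackThis and ComboFix logs in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Kenny\AppData\Local\DefineExt\temp.dat (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
R3 getbus;getbus;c:\users\Kenny\AppData\Local\Temp\getbus.sys;c:\users\Kenny\AppData\Local\Temp\getbus.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
"""


class Entry(NamedTuple):
    source: str        # "hijackthis" or "combofix"
    code: str          # "O2", "O23", or a ComboFix code such as "R3" (kept opaque)
    name: str
    path: str
    file_missing: bool


# Assumed ComboFix layout: "<code> <name>;<display>;<image path>;<native path> [x]"
COMBOFIX_RE = re.compile(
    r"^(?P<code>[RS][0-4]) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>[^;]+);(?P<native>.+?)(?: \[x\])?$"
)
MISSING = "(file missing)"

USER_PROFILE = re.compile(r"^[a-z]:\\users\\[^\\]+\\", re.I)
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.I)
WINDOWS_DIR = re.compile(r"^[a-z]:\\windows\\", re.I)


def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a recognised log line, or None for anything else."""
    line = line.strip()
    m = COMBOFIX_RE.match(line)
    if m:
        return Entry("combofix", m["code"], m["name"], m["path"], False)
    if line.startswith(("O2 - BHO:", "O23 - Service:")):
        # The image path is the last " - "-separated field.
        head, _, tail = line.rpartition(" - ")
        missing = tail.endswith(MISSING)
        path = tail[: -len(MISSING)].rstrip() if missing else tail
        code, _, rest = head.partition(" - ")
        label = rest.split(" - ", 1)[0]      # "BHO: Define" / "Service: ..."
        name = label.split(": ", 1)[1]
        return Entry("hijackthis", code, name, path, missing)
    return None


def parse(log_text: str) -> List[Entry]:
    entries = (parse_line(line) for line in log_text.splitlines())
    return [e for e in entries if e is not None]


def findings(e: Entry) -> List[str]:
    """Path-based reasons to look closer at an entry (heuristics, not verdicts)."""
    reasons = []
    if USER_PROFILE.match(e.path):
        reasons.append("image under a user profile, writable without admin rights")
    if TEMP_DIR.search(e.path):
        reasons.append("image in a temp directory")
    # 32-bit HijackThis on 64-bit Windows commonly reports files under
    # C:\Windows\system32 as missing because of WOW64 file-system redirection,
    # so the marker is only used for paths outside the Windows directory.
    if e.file_missing and not WINDOWS_DIR.match(e.path):
        reasons.append("registration points at a missing file (orphan)")
    return reasons


def triage(log_text: str) -> Dict[str, List[str]]:
    """Map entry name -> reasons, for entries with at least one reason."""
    flagged = {}
    for e in parse(log_text):
        reasons = findings(e)
        if reasons:
            flagged[e.name] = reasons
    return flagged


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG).items():
        print(f"{name}: " + "; ".join(reasons))
```

The vToolbarUpdater15.3.0 service lives under Program Files, so these path heuristics do not flag it; path checks narrow the list but do not replace reading the log.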

Hey,

Here is the ComboFix log:

ComboFix 13-07-27.01 - Kenny 28/07/2013 10:11:04.2.8 - x64

Microsoft Windows 8 6.2.9200.0.1252.32.1043.18.8084.6000 [GMT 2:00]

Gestart vanuit: c:\users\Kenny\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Kenny\Desktop\CFScript.txt

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\AVG SafeGuard toolbar

c:\program files (x86)\AVG SafeGuard toolbar\15.3.0.11\AVG SafeGuard toolbar_toolbar.dll

c:\program files (x86)\AVG SafeGuard toolbar\about.gif

c:\program files (x86)\AVG SafeGuard toolbar\active-threats18.gif

c:\program files (x86)\AVG SafeGuard toolbar\AVG SafeGuard toolbar

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\bg_close.gif

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\bg_expand.gif

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\bg_tooltip.gif

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\bg_tracking.gif

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\bull4x4.gif

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\divider.gif

c:\program files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\innerBG_gradient.gif

c:\program files (x86)\AVG SafeGuard toolbar\ChromeGuardRes\avg_logo_medium.png

c:\program files (x86)\AVG SafeGuard toolbar\ChromeGuardRes\cg.css

c:\program files (x86)\AVG SafeGuard toolbar\ChromeGuardRes\cg.js

c:\program files (x86)\AVG SafeGuard toolbar\ChromeGuardRes\ChromeGuadDsp.html

c:\program files (x86)\AVG SafeGuard toolbar\ChromeGuardRes\jquery-1.8.1.min.js

c:\program files (x86)\AVG SafeGuard toolbar\ChromeRes\nt.html

c:\program files (x86)\AVG SafeGuard toolbar\ChromeRes\nt28.html

c:\program files (x86)\AVG SafeGuard toolbar\ChromeRes\nt28.js

c:\program files (x86)\AVG SafeGuard toolbar\CleanHistory.gif

c:\program files (x86)\AVG SafeGuard toolbar\configuration.xml

c:\program files (x86)\AVG SafeGuard toolbar\current.gif

c:\program files (x86)\AVG SafeGuard toolbar\currently-safe18.gif

c:\program files (x86)\AVG SafeGuard toolbar\data.zip

c:\program files (x86)\AVG SafeGuard toolbar\DSPDlg_IE\all.css

c:\program files (x86)\AVG SafeGuard toolbar\DSPDlg_IE\btn-ok2.gif

c:\program files (x86)\AVG SafeGuard toolbar\DSPDlg_IE\downBtn.png

c:\program files (x86)\AVG SafeGuard toolbar\DSPDlg_IE\DSPDlg_IE.html

c:\program files (x86)\AVG SafeGuard toolbar\DSPDlg_IE\logo2.png

c:\program files (x86)\AVG SafeGuard toolbar\DSPDlg_IE\upBtn.png

c:\program files (x86)\AVG SafeGuard toolbar\EnableHelperRes\EEImageHandler.html

c:\program files (x86)\AVG SafeGuard toolbar\EnableHelperRes\Images\box_ie.png

c:\program files (x86)\AVG SafeGuard toolbar\EULA.gif

c:\program files (x86)\AVG SafeGuard toolbar\Eula.txt

c:\program files (x86)\AVG SafeGuard toolbar\favicon.ico

c:\program files (x86)\AVG SafeGuard toolbar\feedback.gif

c:\program files (x86)\AVG SafeGuard toolbar\FireFoxSearchXml.tmp

c:\program files (x86)\AVG SafeGuard toolbar\help.gif

c:\program files (x86)\AVG SafeGuard toolbar\icon18.gif

c:\program files (x86)\AVG SafeGuard toolbar\labs.gif

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\CPOL license.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\Encoding_decoding_base64.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\hmac.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\LICENSE-bsdiff.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\LICENSE-bzip.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\LICENSE-JasonCpp.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\LICENSE-MPL-NPAPI.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\LICENSE-sparsehash.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\Log4CPlus.txt

c:\program files (x86)\AVG SafeGuard toolbar\Licenses\PassthruApp.txt

c:\program files (x86)\AVG SafeGuard toolbar\lip.exe

c:\program files (x86)\AVG SafeGuard toolbar\performanceIcon.gif

c:\program files (x86)\AVG SafeGuard toolbar\PostInstall.exe

c:\program files (x86)\AVG SafeGuard toolbar\PostInstaller.ini

c:\program files (x86)\AVG SafeGuard toolbar\privacy.gif

c:\program files (x86)\AVG SafeGuard toolbar\remote_configuration.xml

c:\program files (x86)\AVG SafeGuard toolbar\search.gif

c:\program files (x86)\AVG SafeGuard toolbar\setup.bmp

c:\program files (x86)\AVG SafeGuard toolbar\surf-with-caution18.gif

c:\program files (x86)\AVG SafeGuard toolbar\Uninstall.exe

c:\program files (x86)\AVG SafeGuard toolbar\uninstall.gif

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\cp-bg.png

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\cp_logo.png

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\downBtn.png

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\uninstall-bg.png

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\upBtn.png

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\jquery-1.5.1.min.js

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\jquery-1.8.1.min.js

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\uninstall_cp.css

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Uninstall_cp.html

c:\program files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Uninstall_cp_step2.html

c:\program files (x86)\AVG SafeGuard toolbar\updating18.gif

c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe

c:\program files (x86)\Common Files\AVG Secure Search

c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\log4cplusU.dll

c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe

c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\UpdaterConfig.ini

c:\program files (x86)\MyPC Backup

c:\program files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe

c:\programdata\AVG SafeGuard toolbar

c:\programdata\AVG SafeGuard toolbar\ChromeExt\15.3.0.11\avg.crx

c:\programdata\AVG SafeGuard toolbar\Logger\logger.properties

c:\users\Kenny\AppData\Local\DefineExt

c:\users\Kenny\AppData\Local\DefineExt\.build

c:\users\Kenny\AppData\Local\DefineExt\.user

c:\users\Kenny\AppData\Local\DefineExt\eula.txt

c:\users\Kenny\AppData\Local\DefineExt\uninst.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_getbus

-------\Service_vToolbarUpdater15.3.0

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-06-28 to 2013-07-28 ))))))))))))))))))))))))))))))

.

.

2013-07-28 08:15 . 2013-07-28 08:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-27 15:21 . 2013-07-27 15:21 -------- d-----w- c:\programdata\D-Link

2013-07-27 15:19 . 2012-02-10 14:36 986728 ----a-w- c:\windows\system32\drivers\rtwlanu.sys

2013-07-27 13:50 . 2013-07-27 13:50 121 ----a-w- c:\windows\DeleteOnReboot.bat

2013-07-27 09:59 . 2013-07-27 09:59 -------- d-----w- c:\program files (x86)\Trend Micro

2013-07-27 08:30 . 2013-07-27 08:30 289968 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10211.bin

2013-07-27 07:53 . 2013-07-27 07:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-07-27 07:53 . 2013-07-27 07:53 -------- d-----w- c:\programdata\Malwarebytes

2013-07-27 07:53 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-07-25 10:02 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll

2013-07-25 10:02 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll

2013-07-25 10:02 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll

2013-07-25 10:02 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll

2013-07-25 10:02 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll

2013-07-25 10:02 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll

2013-07-24 18:22 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll

2013-07-24 18:22 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll

2013-07-24 18:14 . 2013-07-24 18:13 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys

2013-07-24 18:14 . 2013-07-24 18:13 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2013-07-24 18:14 . 2013-07-24 18:13 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys

2013-07-24 18:14 . 2013-07-24 18:14 -------- d-----w- c:\programdata\Avira

2013-07-24 18:14 . 2013-07-24 18:14 -------- d-----w- c:\program files (x86)\Avira

2013-07-24 18:14 . 2013-07-24 18:13 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2013-07-21 15:52 . 2013-07-21 15:52 -------- d-sh--w- c:\windows\ftpcache

2013-07-21 15:42 . 2013-07-21 15:42 -------- d-----w- c:\program files (x86)\Activision

2013-07-20 20:28 . 2013-07-20 20:28 -------- d-----w- c:\program files (x86)\Xfire

2013-07-20 17:57 . 2013-07-20 17:57 -------- d-----w- c:\program files (x86)\AMD APP

2013-07-20 17:55 . 2013-07-20 17:55 -------- d-----w- C:\AMD

2013-07-20 17:42 . 2013-07-20 17:42 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2013-07-19 23:38 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll

2013-07-10 16:00 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll

2013-07-10 16:00 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll

2013-07-10 16:00 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-07-10 16:00 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll

2013-07-10 16:00 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-07-10 16:00 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-07-10 16:00 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-10 15:59 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys

2013-07-10 15:59 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll

2013-07-10 15:59 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll

2013-07-10 15:59 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-07-10 15:59 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-07-10 15:57 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-10 15:57 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2013-07-07 15:56 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll

2013-07-07 15:56 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll

2013-07-07 15:56 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL

2013-07-07 15:56 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL

2013-07-07 15:56 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll

2013-07-07 15:56 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll

2013-07-07 15:56 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-07-07 15:56 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll

2013-07-07 15:56 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll

2013-07-07 15:56 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-07-07 15:55 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll

2013-07-07 15:55 . 2012-10-11 07:47 793200 ----a-w- c:\windows\system32\mfplat.dll

2013-07-07 15:55 . 2012-10-11 05:46 1395712 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll

2013-07-07 15:55 . 2012-10-11 05:45 579584 ----a-w- c:\windows\system32\StructuredQuery.dll

2013-07-07 15:55 . 2012-10-11 05:44 1265152 ----a-w- c:\windows\system32\lsasrv.dll

2013-07-07 15:55 . 2012-10-11 05:07 1226752 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll

2013-07-07 15:53 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll

2013-07-07 06:19 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll

2013-07-07 05:57 . 2013-07-07 05:57 -------- d-----w- c:\users\Public\CyberLink

2013-07-06 20:51 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-06 20:51 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-07-06 20:43 . 2013-07-07 05:56 -------- d-----r- c:\windows\BrowserChoice

2013-07-06 20:23 . 2013-07-06 20:23 -------- d-----w- C:\sources

2013-07-06 18:53 . 2013-07-06 18:53 495856 ----a-w- c:\windows\system32\drivers\SynTP.sys

2013-07-06 18:53 . 2013-07-06 18:53 264432 ----a-w- c:\windows\system32\SynTPAPI.dll

2013-07-06 18:53 . 2013-07-06 18:53 192240 ----a-w- c:\windows\system32\SynTPCo18.dll

2013-07-06 18:53 . 2013-07-06 18:53 151280 ----a-w- c:\windows\SysWow64\SynTPCom.dll

2013-07-06 18:53 . 2013-07-06 18:53 544496 ----a-w- c:\windows\SysWow64\SynCom.dll

2013-07-06 18:53 . 2013-07-06 18:53 1060080 ----a-w- c:\windows\system32\SynCOM.dll

2013-07-06 18:53 . 2013-07-06 18:53 33008 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys

2013-07-06 11:24 . 2013-07-06 11:24 -------- d-----w- c:\program files (x86)\VideoLAN

2013-07-06 10:56 . 2013-07-10 16:50 78185248 ----a-w- c:\windows\system32\MRT.exe

2013-07-05 19:02 . 2013-07-05 19:02 -------- d-----w- c:\programdata\ATI

2013-07-05 18:53 . 2013-07-05 18:57 -------- d-----w- c:\program files\ATI Technologies

2013-07-05 18:51 . 2013-07-05 18:51 -------- d-----w- c:\program files (x86)\GrabIt

2013-07-05 18:25 . 2013-07-05 18:25 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-07-05 18:25 . 2013-07-05 18:25 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-07-05 18:25 . 2013-07-05 18:25 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-07-05 18:25 . 2013-07-05 18:25 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-05 18:25 . 2013-07-05 18:25 -------- d-----w- c:\program files (x86)\Java

2013-07-05 18:00 . 2013-07-05 18:00 -------- d-----w- c:\program files (x86)\HP

2013-07-05 17:55 . 2013-07-05 17:55 -------- d-----w- c:\programdata\UAB

2013-07-05 17:55 . 2013-07-05 17:55 -------- d-----w- c:\programdata\Driver Restore

2013-07-05 17:53 . 2013-07-05 17:53 -------- d-----w- c:\program files (x86)\Driver Restore

2013-07-05 17:42 . 2006-02-03 06:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll

2013-07-05 17:31 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll

2013-07-05 17:31 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe

2013-07-05 17:31 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe

2013-07-05 17:31 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll

2013-07-05 17:31 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll

2013-07-05 17:26 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

2013-07-05 17:25 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll

2013-07-05 17:21 . 2013-03-02 02:43 1933312 ----a-w- c:\windows\system32\wbem\cimwin32.dll

2013-07-05 17:20 . 2013-04-09 04:51 14267904 ----a-w- c:\windows\system32\wmp.dll

2013-07-05 17:19 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-07-05 17:18 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe

2013-07-05 17:18 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll

2013-07-05 17:18 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe

2013-07-05 17:18 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll

2013-07-05 17:18 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll

2013-07-05 17:18 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll

2013-07-05 17:18 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll

2013-07-05 17:18 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll

2013-07-05 17:18 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll

2013-07-05 17:18 . 2013-05-23 23:01 1300992 ----a-w- c:\windows\system32\gdi32.dll

2013-07-05 17:18 . 2013-05-23 22:27 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll

2013-07-05 17:16 . 2013-02-02 05:41 1437184 ----a-w- c:\windows\SysWow64\GdiPlus.dll

2013-07-05 17:15 . 2013-04-28 22:28 915968 ----a-w- c:\windows\system32\uxtheme.dll

2013-07-05 17:10 . 2013-07-20 20:29 -------- d-----w- c:\programdata\Xfire

2013-07-05 17:10 . 2013-07-05 17:09 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-07-05 16:48 . 2013-07-05 16:49 -------- d-----w- c:\program files (x86)\Google

2013-07-05 16:45 . 2013-07-05 16:45 -------- d-----w- c:\program files\EA GAMES

2013-07-05 16:43 . 2013-07-21 15:41 -------- d-----w- c:\program files (x86)\Common Files\InstallShield

2013-07-05 16:39 . 2013-07-05 16:39 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-07-05 16:39 . 2013-07-05 16:39 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-07-03 17:09 . 2013-07-24 18:06 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2013-07-03 16:45 . 2013-07-05 18:02 -------- d-----w- c:\users\Kenny

2013-07-03 15:20 . 2013-07-03 17:07 -------- d--h--r- c:\users\Public\AccountPictures

2013-07-03 15:20 . 2013-07-03 15:20 -------- d-sh--we c:\users\Default\Sjablonen

2013-07-03 15:20 . 2013-07-03 15:20 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving

2013-07-03 15:20 . 2013-07-03 15:20 -------- d-sh--we c:\users\Default\Menu Start

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-06 19:38 . 2012-12-28 07:26 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2013-07-06 19:38 . 2012-12-28 07:26 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2013-07-06 19:38 . 2012-12-28 07:26 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll

2013-07-03 16:45 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}]

c:\users\Kenny\AppData\Local\DefineExt\temp.dat [bU]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-07-05 18:02 222832 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-07-05 18:02 222832 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-07-05 18:02 222832 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Driver Restore"="c:\program files (x86)\Driver Restore\Driver Restore\DriverRestore.exe" [2013-06-25 3967352]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2012-09-19 371976]

"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024]

"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-04 642216]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-24 345144]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableCursorSuppression"= 1 (0x1)

"ConsentPromptBehaviorUser"= 3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

R2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]

R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]

R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]

R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]

R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]

R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]

R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]

S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]

S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 AntiVirSchedulerService;Avira Planner;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]

S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technologie;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]

S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]

S3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]

S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x]

S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]

S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

apphost REG_MULTI_SZ apphostsvc

iissvcs REG_MULTI_SZ w3svc was

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-07-13 07:58 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-05 16:48]

.

2013-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-05 16:48]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-07-05 18:02 261744 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-07-05 18:02 261744 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-07-05 18:02 261744 ----a-w- c:\users\Kenny\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-20 1664000]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-04 171040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-04 399392]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-04 441888]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 195.130.131.1 195.130.130.129

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-AVG SafeGuard toolbar - c:\program files (x86)\AVG SafeGuard toolbar\UNINSTALL.exe

AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

AddRemove-Define Ext - c:\users\Kenny\AppData\Local\DefineExt\uninst.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

@SACL=(02 0000)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Voltooingstijd: 2013-07-28 10:21:54 - machine werd herstart

ComboFix-quarantined-files.txt 2013-07-28 08:21

ComboFix2.txt 2013-07-27 19:10

.

Pre-Run: 402 081 734 656 bytes free

Post-Run: 401 849 925 632 bytes free

.

- - End Of File - - C67BE1891DC015444EFFAC9137DC7471

D41D8CD98F00B204E9800998ECF8427E
