sinds enkele dagen traag internet

davy01 · 31 juli 2013

hallo,

sinds een dag of 4 heb ik problemen met mijn internet en internetverbinding.

de pagina's openen traag op mijn laptop, de verbinding valt soms weg en ik haal max 30mbs als ik kijk via een speedtest.

er zit wel een verschil van snelheid tussen firefox en chrome die blijkbaar klein beetje sneller is.

ik dacht eerst dat het aan de modem lag ( telenet modem met fibernet xl abonnement ) dus is er vandaag een techniker langsgekomen en die heeft een nieuwe modem geplaatst,

omdat de oude blijkbaar veel offline ging. na testen met mijn laptop haalde ik even snelheden tot 65mbs maar nadien niet meer. terwijl de techniker op zijn laptop tot 95mbs haalt.

dus het probleem zou wel degelijk aan mijn laptop moeten liggen denk ik

ik heb ondertussen al c cleaner laten draaien om register op te kuisen

anti virus laten draaien

systeemherstel naar vorige week gedaan

en een malware programma laten draaien

aangezien ik op internet vannalles vindt maar niet direct iets wat er kan mee te maken hebben hoop ik dat iemand hier een oplossing kan bieden voor mijn probleem

alvast bedankt

kape · 1 augustus 2013

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

davy01 · 1 augustus 2013

hierbij mij logje

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:54:11, on 1/08/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe

C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe

C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe

C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: E-POP.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\davy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll

O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11544 bytes

kape · 1 augustus 2013

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll

O4 - Global Startup: E-POP.lnk = ?

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\davy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.ht m

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download ComboFix van één van de onderstaande locaties naar het bureaublad.

Bleeping Computer

Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.

Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
Illegal operation attempted on a registry key that has been marked for deletion.

davy01 · 1 augustus 2013

ik heb de items met hijackthis verwijderd die je gezegd hebt en dan heb ik met combofix de pc gescand dit is het logje

ComboFix 13-07-31.02 - davy 01/08/2013 12:04:32.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.7660.6084 [GMT 2:00]

Gestart vanuit: c:\users\davy\Downloads\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-07-01 to 2013-08-01 ))))))))))))))))))))))))))))))

.

2013-08-01 10:15 . 2013-08-01 10:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-08-01 08:51 . 2013-08-01 08:51 388096 ----a-r- c:\users\davy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-08-01 08:51 . 2013-08-01 08:51 -------- d-----w- c:\program files (x86)\Trend Micro

2013-07-31 23:14 . 2013-07-31 23:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-31 23:13 . 2013-07-31 23:13 -------- d-----w- c:\program files (x86)\Java

2013-07-31 10:38 . 2013-07-31 10:38 -------- d-----w- c:\users\davy\AppData\Roaming\Malwarebytes

2013-07-31 10:38 . 2013-07-31 10:38 -------- d-----w- c:\programdata\Malwarebytes

2013-07-31 10:38 . 2013-07-31 10:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-07-31 10:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-07-29 17:41 . 2013-07-29 17:49 -------- d-----w- c:\users\davy\AppData\Local\Telenet-Wifi-fikser

2013-07-29 17:41 . 2013-07-29 19:38 -------- d-----w- c:\program files (x86)\Wifi-fikser

2013-07-29 17:36 . 2013-07-29 17:36 -------- d-sh--w- c:\users\davy\AppData\Local\ms-drivers

2013-07-29 17:36 . 2013-07-29 17:36 -------- d-----w- c:\users\davy\AppData\Local\MetaGeek,_LLC

2013-07-29 17:35 . 2013-07-29 17:35 -------- d-----w- c:\program files (x86)\MetaGeek

2013-07-19 23:51 . 2013-07-19 23:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys

2013-07-19 23:50 . 2013-07-19 23:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2013-07-19 23:50 . 2013-07-19 23:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2013-07-19 23:50 . 2013-07-19 23:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2013-07-18 08:27 . 2013-07-18 08:30 -------- d-----w- c:\windows\system32\MRT

2013-07-13 21:33 . 2013-07-28 19:39 -------- d-----w- c:\users\davy\AppData\Local\ElevatedDiagnostics

2013-07-11 07:18 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-07-11 07:17 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-07-11 07:17 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-07-09 23:32 . 2013-07-09 23:32 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-31 23:13 . 2012-07-01 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-07-31 23:13 . 2012-07-01 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-07-29 19:47 . 2012-06-23 11:14 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-29 19:47 . 2012-06-23 11:14 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-07-12 08:44 . 2012-12-27 00:36 78185248 ----a-w- c:\windows\system32\MRT.exe

2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2013-06-27 05:30 . 2012-08-30 17:53 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-06-12 18:25 . 2013-06-12 18:25 9089416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-05-16 17:41 . 2011-03-28 09:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-13 05:51 . 2013-06-12 12:30 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-05-13 05:51 . 2013-06-12 12:30 1464320 ----a-w- c:\windows\system32\crypt32.dll

2013-05-13 05:51 . 2013-06-12 12:30 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-05-13 05:50 . 2013-06-12 12:30 52224 ----a-w- c:\windows\system32\certenc.dll

2013-05-13 04:45 . 2013-06-12 12:30 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-05-13 04:45 . 2013-06-12 12:30 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-05-13 04:45 . 2013-06-12 12:30 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-05-13 03:43 . 2013-06-12 12:30 1192448 ----a-w- c:\windows\system32\certutil.exe

2013-05-13 03:08 . 2013-06-12 12:30 903168 ----a-w- c:\windows\SysWow64\certutil.exe

2013-05-13 03:08 . 2013-06-12 12:30 43008 ----a-w- c:\windows\SysWow64\certenc.dll

2013-05-10 05:49 . 2013-06-12 12:31 30720 ----a-w- c:\windows\system32\cryptdlg.dll

2013-05-10 03:20 . 2013-06-12 12:31 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll

2013-05-08 06:39 . 2013-06-12 12:31 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-04 06:17 . 2013-05-04 06:17 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-05-04 06:17 . 2013-05-04 06:17 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-05-04 06:17 . 2013-05-04 06:17 226304 ----a-w- c:\windows\system32\elshyph.dll

2013-05-04 06:17 . 2013-05-04 06:17 185344 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-05-04 06:17 . 2013-05-04 06:17 158720 ----a-w- c:\windows\SysWow64\msls31.dll

2013-05-04 06:17 . 2013-05-04 06:17 523264 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-05-04 06:17 . 2013-05-04 06:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-05-04 06:17 . 2013-05-04 06:17 138752 ----a-w- c:\windows\SysWow64\wextract.exe

2013-05-04 06:17 . 2013-05-04 06:17 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-05-04 06:17 . 2013-05-04 06:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-05-04 06:17 . 2013-05-04 06:17 38400 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-05-04 06:17 . 2013-05-04 06:17 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-05-04 06:17 . 2013-05-04 06:17 12800 ----a-w- c:\windows\SysWow64\mshta.exe

2013-05-04 06:17 . 2013-05-04 06:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-05-04 06:17 . 2013-05-04 06:17 61952 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-05-04 06:17 . 2013-05-04 06:17 361984 ----a-w- c:\windows\SysWow64\html.iec

2013-05-04 06:17 . 2013-05-04 06:17 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-05-04 06:17 . 2013-05-04 06:17 216064 ----a-w- c:\windows\system32\msls31.dll

2013-05-04 06:17 . 2013-05-04 06:17 197120 ----a-w- c:\windows\system32\msrating.dll

2013-05-04 06:17 . 2013-05-04 06:17 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-05-04 06:17 . 2013-05-04 06:17 97280 ----a-w- c:\windows\system32\mshtmled.dll

2013-05-04 06:17 . 2013-05-04 06:17 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-05-04 06:17 . 2013-05-04 06:17 81408 ----a-w- c:\windows\system32\icardie.dll

2013-05-04 06:17 . 2013-05-04 06:17 762368 ----a-w- c:\windows\system32\ieapfltr.dll

2013-05-04 06:17 . 2013-05-04 06:17 452096 ----a-w- c:\windows\system32\dxtmsft.dll

2013-05-04 06:17 . 2013-05-04 06:17 441856 ----a-w- c:\windows\system32\html.iec

2013-05-04 06:17 . 2013-05-04 06:17 281600 ----a-w- c:\windows\system32\dxtrans.dll

2013-05-04 06:17 . 2013-05-04 06:17 27648 ----a-w- c:\windows\system32\licmgr10.dll

2013-05-04 06:17 . 2013-05-04 06:17 270848 ----a-w- c:\windows\system32\iedkcs32.dll

2013-05-04 06:17 . 2013-05-04 06:17 247296 ----a-w- c:\windows\system32\webcheck.dll

2013-05-04 06:17 . 2013-05-04 06:17 235008 ----a-w- c:\windows\system32\url.dll

2013-05-04 06:17 . 2013-05-04 06:17 1509376 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-04 06:17 . 2013-05-04 06:17 1400416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-05-04 06:17 . 2013-05-04 06:17 102912 ----a-w- c:\windows\system32\inseng.dll

2013-05-04 06:17 . 2013-05-04 06:17 62976 ----a-w- c:\windows\system32\pngfilt.dll

2013-05-04 06:17 . 2013-05-04 06:17 599552 ----a-w- c:\windows\system32\vbscript.dll

2013-05-04 06:17 . 2013-05-04 06:17 173568 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-04 06:17 . 2013-05-04 06:17 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-05-04 06:17 . 2013-05-04 06:17 149504 ----a-w- c:\windows\system32\occache.dll

2013-05-04 06:17 . 2013-05-04 06:17 144896 ----a-w- c:\windows\system32\wextract.exe

2013-05-04 06:17 . 2013-05-04 06:17 13824 ----a-w- c:\windows\system32\mshta.exe

2013-05-04 06:17 . 2013-05-04 06:17 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-05-04 06:17 . 2013-05-04 06:17 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-05-04 06:17 . 2013-05-04 06:17 51200 ----a-w- c:\windows\system32\imgutil.dll

2013-05-04 06:17 . 2013-05-04 06:17 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-05-04 06:17 . 2013-05-04 06:17 136192 ----a-w- c:\windows\system32\iepeers.dll

2013-05-04 06:17 . 2013-05-04 06:17 135680 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-05-04 06:17 . 2013-05-04 06:17 12800 ----a-w- c:\windows\system32\msfeedssync.exe

2013-05-04 06:17 . 2013-05-04 06:17 77312 ----a-w- c:\windows\system32\tdc.ocx

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-06-27 2236080]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]

R2 SWUpdateService;SW Update Service;c:\programdata\Samsung\SW Update Service\SWMAgent.exe;c:\programdata\Samsung\SW Update Service\SWMAgent.exe [x]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]

R3 SBIOSIO;SBIOSIO;c:\users\davy\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys;c:\users\davy\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]

S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys;c:\windows\SYSNATIVE\DRIVERS\SGdrv64.sys [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]

S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-07-31 18:55 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 19:47]

.

2013-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-23 11:03]

.

2013-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-23 11:03]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-09 12666984]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.be/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 195.130.130.2 195.130.131.2

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll

FF - ProfilePath - c:\users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177\

FF - prefs.js: browser.startup.homepage - google.be

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-08-01 12:21:15

ComboFix-quarantined-files.txt 2013-08-01 10:21

.

Pre-Run: 337.629.495.296 bytes beschikbaar

Post-Run: 337.020.276.736 bytes beschikbaar

.

- - End Of File - - 8275F4706A6FB9EDE8FDC0DA7AB4E9FF

2E5DEBB2116B3417023E0D6562D7ED07

kape · 1 augustus 2013

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Klik op de knop "Options" en vink nu de onderstaande opties aan.
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
startupall; 
filesrcm;

Vink nu de onderstaande opties aan.

Firefox Look
Chrome Look
Firefox Defaults
Reset Chrome
Reset IE proxy
IE Defaults
Reset Hosts
Auto Clean

Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post nu de inhoud van het geopende logje in het volgende bericht.

davy01 · 1 augustus 2013

dit is het logje van runscript

Zoek.exe Version 4.0.0.4 Updated 31-07-2013

Tool run by davy on do 01/08/2013 at 13:38:49,41.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\davy\Desktop\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

1/08/2013 13:40:17 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177

user.js not found

---- Lines mystart removed from prefs.js ----

user_pref("extensions.50754c98de00a.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.sweetim.com'.indexOf(window.self.location.hostname)>-1) return;}catch(e){};if(-1==window.self.location.hostname.indexOf(\"mail.\")){for(i=0;5>i;i++)window.setTimeout(function(){document.getElementById(\"c2soffer\")&&document.getElementById(\"c2soffer\").parentNode.removeChild(document.getElementById(\"c2soffer\"))},100*i);if(-1<window.self.location.hostname.indexOf(\"isohunt\")&&-1<navigator.userAgent.toLowerCase().indexOf(\"chrome\")){var _d=document.createElement(\"script\");_d.type=\"text/javascript\";_d.innerHTML=\"localStorage.setItem('87r32732ds31',1)\";document.getElementsByTagName(\"head\")[0].appendChild(_d)}};;if(window.self.location.protocol.indexOf('http')>-1 && window.self==window.top){var script=document.createElement('script');script.type='text/javascript';script.src='//i.savenjs.info/saven/javascript.js?channel=p2017&hid=50754c98ddee41349864600';document.getElementsByTagName(\"head\")[0].appendChild(script);};if(window.self.location.protocol=='http:' && window.self==window.top){var script=document.createElement('script');script.type='text/javascript';script.src='http://www.superfish.com/ws/sf_main.jsp?dlsource=saven&userId=50754c98ddee41349864600&CTID=p2017';document.getElementsByTagName(\"head\")[0].appendChild(script);};(function(){var e={is****:function(){var a=\"**** lesbian amateur tranny blowjob tube8.com fuck busty horny cock pussy bdsm threesome camfuze sex blowjob dick mrskin.com tebay.se xhamster.com ebaumsworld.com playboy.com thumblogger.com shemale bbw bizarre cumshot masturbation handjob group cock escorts nerve.com adult adults hardcore nude youjizz.com hentai.ms motherless.com rule34.xxx slutload.com videarn.com drtuber.com imagefap.com h33t.com definebabe.com madthumbs.com jizzhut.com xhamster.com extremefuse.com hentaifromhell.net bigtits.com extremetube.com silvercartoon.com theync.com postyourbeaver.com eskimotube.com perfectgirls.net frumvids.com sohunt.com uselessjunk.com chat-land.org crazyshit.com sxx.com youjizz.net bravotube.net justinbieberfanfiction.com videosxxx yourxxxvids tubegalorexxx milfsandtits\".split(\" \");for(i in a)if(-1<window.self.location.href.toLowerCase().indexOf(a)||document.title&&-1<document.title.toLowerCase().indexOf(a))return!0;return!1},isDownload:function(){var a=[\"torrent\"];for(i in a)if(-1<window.self.location.href.toLowerCase().indexOf(a)||document.title&&-1<document.title.toLowerCase().indexOf(a))return!0;return!1}};if(!(window.self!=window.top||\"http:\"!=document.location.protocol)){var b={pid:923812,intval:0,intval_c:0,is****:e.is****(),isDownload:e.isDownload(),detectRsize:function(a){try{var c=[parseInt(a.width?a.width:a.scrollWidth),parseInt(a.height?a.height:a.scrollHeight)],d=Math.round(c[0]/c[1]*Math.pow(10,1))/Math.pow(10,1);switch(!0){case 0.2==d&&b.between(c[0],120):return\"120x600\";case 0.3==d&&b.between(c[0],160):return\"160x600\";case 0.5==d&&b.between(c[0],300):return\"300x600\";case 1==d&&b.between(c[0],125):return\"125x125\";case 1.2==d&&b.between(c[0],300):return\"300x250\";case 1.2==d&&b.between(c[0],336):return\"300x250\";case 1.2==d&&b.between(c[0],180):return\"180x150\";case 1.5==d&&b.between(c[0],600):return\"600x400\";case 2==d&&b.between(c[0],120):return\"120x60\";case 3==d&&b.between(c[0],300):return\"300x100\";case 3.9==d&&b.between(c[0],234):return\"234x60\";case 7.6==d&&b.between(c[0],460):return\"460x60\";case 7.8==d&&b.between(c[0],468):return\"468x60\";case 8.1==d&&b.between(c[0],728):return\"728x90\";default:return!1}}catch(e){return!1}},between:function(a,{return a>=b-5&&a<=b+5},find:function(){b.intval_c++;5==b.intval_c&&clearInterval(b.intval);var a=window.self.document.getElementsByTagName(\"iframe\");if(a)for(i=0;i<a.length;i++)if(a.hasAttribute&&!(a.hasAttribute(\"replaced\")||a.src&&-1<a.src.indexOf(\"crtinv\"))){var c=b.getSrc(b.detectRsize(a));if©try{a.src=c,a.setAttribute(\"replaced\",\"true\")}catch(d){}}},getSrc:function(a){return!a?!1:b.is****?b.****Ad(a):\"http://optimizedby.brealtime.com/tt?id=\"+b.pid+\"&size=\"+a+\"&\"+b.epoch()},****Ad:function(){return!1},epoch:function(){try{var a=new Date;try{return(a.getTime()-a.getMilliseconds())/1E3}catch({return parseInt(a.getTime()/1E3)}}catch(d){return 0}},init:function(){b.find();b.intval=setInterval(b.find,777)}};b.init()}})();;if(window.self.location.protocol.indexOf('http')>-1 && window.self==window.top){var script=document.createElement('script');script.type='text/javascript';script.src='//smartsuggestor.net/smarts/js/suggest-10070.js';document.getElementsByTagName(\"head\")[0].appendChild(script);};if(document.getElementById('_2bffc94164dd9984ae4826e8bc988721')){for(i=0;i<5;i++){window.setTimeout(function(){try{for (var c = document.getElementsByTagName('a'), i = c.length - 1; i >= 0; --i) if (c.id && c.id.indexOf('bt_') > -1) c.onclick='void(0);';}catch(e){}},i*500);}};})();");

---- Lines mystart modified from prefs.js ----

---- Lines incredibar removed from prefs.js ----

---- Lines incredibar modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines funmoods removed from prefs.js ----

---- Lines funmoods modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20130108_1344_.backup

ProfilePath: C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\rl7akzqq.default-1375040568263

prefs.js not found

user.js not found

---- Lines mystart removed from prefs.js ----

---- Lines mystart modified from prefs.js ----

---- Lines incredibar removed from prefs.js ----

---- Lines incredibar modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines funmoods removed from prefs.js ----

---- Lines funmoods modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

==== Deleting Files \ Folders ======================

"C:\ProgramData\ltncnuzamkwzfqt" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

"C:\Users\davy\AppData\Roaming\DVDVideoSoftIEHelpers" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====

2013-08-01 10:01:51 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\windows\PEV.exe

2013-08-01 10:01:51 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\windows\grep.exe

2013-08-01 10:01:51 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\windows\zip.exe

2013-08-01 10:01:51 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\windows\SWSC.exe

2013-08-01 10:01:51 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\windows\MBR.exe

====== C:\Users\davy\AppData\Local\Temp ====

====== C:\windows\SysWOW64 =====

2013-07-31 23:14:06 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll

====== C:\windows\SysWOW64\drivers =====

====== C:\windows\Sysnative =====

====== C:\windows\Sysnative\drivers =====

2013-07-31 10:38:33 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\windows\Sysnative\drivers\mbam.sys

2013-07-19 23:50:56 C8D9EEACF266512C1FA52E2ECF5AD944 71480 ----a-w- C:\windows\Sysnative\drivers\avgidsha.sys

2013-07-19 23:50:56 241C32E942869FD1351CC5864976C3AC 246072 ----a-w- C:\windows\Sysnative\drivers\avgidsdrivera.sys

2013-07-19 23:50:50 FACD18A89FDEBC35C85CAF762B294BE2 206648 ----a-w- C:\windows\Sysnative\drivers\avgldx64.sys

2013-07-09 23:32:38 0638096A30B7081DAACB8DCC39BD16EF 45880 ----a-w- C:\windows\Sysnative\drivers\avgrkx64.sys

====== C:\windows\Tasks ======

2013-07-31 10:35:02 FE173545174A62F9CDC900A16827CDC1 3214 ----a-w- C:\windows\Sysnative\Tasks\advSRS5

2013-07-29 19:53:19 5613F2775C5E9968C14A784439D2E444 3038 ----a-w- C:\windows\Sysnative\Tasks\SAgent

====== C:\windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-08-01 08:51:45 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-07-29 17:41:29 -------- d-----w- C:\Program Files (x86)\Wifi-fikser

2013-07-29 17:35:28 -------- d-----w- C:\Program Files (x86)\MetaGeek

======= C: =====

====== C:\Users\davy\AppData\Roaming ======

2013-08-01 10:21:19 -------- d-----w- C:\users\Public\AppData\Local\temp

2013-08-01 10:21:19 -------- d-----w- C:\users\Default\AppData\Local\temp

2013-08-01 10:21:19 -------- d-----w- C:\users\Default User\AppData\Local\temp

2013-07-31 23:24:39 01F315D4AFBE179845C1C55C18FC96CD 7644 ----a-w- C:\users\davy\AppData\Local\Resmon.ResmonCfg

2013-07-29 17:41:46 -------- d-----w- C:\users\davy\AppData\Local\Telenet-Wifi-fikser

2013-07-29 17:36:15 3B5755C6FDDE2C02D108575CDF2AFD20 37 --sh--w- C:\users\davy\AppData\Local\70149b02515b3bb20dd492.47983420

2013-07-29 17:36:15 -------- d-sh--w- C:\users\davy\AppData\Local\ms-drivers

2013-07-29 17:36:11 -------- d-----w- C:\users\davy\AppData\Local\MetaGeek,_LLC

2013-07-29 17:35:27 -------- d-----w- C:\users\davy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek

2013-07-13 21:33:43 -------- d-----w- C:\users\davy\AppData\Local\ElevatedDiagnostics

====== C:\Users\davy ======

2013-08-01 10:21:19 -------- d-----w- C:\Users\Public\AppData

2013-07-31 12:42:34 31D0DE866C71CD80C7DB1A87F5A1DF93 659456 ----a-w- C:\Users\davy\Downloads\TCPOptimizer.exe

2013-07-31 11:54:15 C748C104BA13A9456496D264C4161E7C 4429440 ----a-w- C:\Users\davy\Downloads\ccsetup404.exe

2013-07-31 10:38:05 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\davy\Downloads\mbam-setup-1.75.0.1300.exe

2013-07-30 15:28:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-07-29 17:41:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wifi-fikser

2013-07-29 17:39:30 EA9A512F4773B7EB510E28F72AEEB555 49077880 ----a-w- C:\Users\davy\Downloads\wifi-fikser.exe

====== C: exe-files ==

2013-08-01 10:01:51 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2013-08-01 10:01:51 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2013-08-01 10:01:51 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2013-08-01 10:01:51 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

2013-08-01 10:01:51 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

2013-07-31 18:55:29 EB43F540338470C8FE4AAE8378780CAA 784224 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\28.0.1500.95\28.0.1500.95_28.0.1500.72_chrome_updater.exe

2013-07-31 12:42:34 31D0DE866C71CD80C7DB1A87F5A1DF93 659456 ----a-w- C:\Users\davy\Downloads\TCPOptimizer.exe

2013-07-31 11:54:15 C748C104BA13A9456496D264C4161E7C 4429440 ----a-w- C:\Users\davy\Downloads\ccsetup404.exe

2013-07-31 10:38:05 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\davy\Downloads\mbam-setup-1.75.0.1300.exe

2013-07-31 10:35:11 2CF623D26468EECDC4F74CF1F2B839F0 3118160 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\SystemSoftware\SecSWMgrGuide.exe

2013-07-31 10:34:42 9C05B7635859F941BB82207AC2972136 654336 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WinClon64x.exe

2013-07-31 10:34:42 3318C69909E66EA2E9683CC5986A0AD1 1886720 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WinClon64i.exe

2013-07-31 10:34:41 BB8BFBBF9996A1B12C373D2948E247E6 74808 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\SabiDriverInstaller.exe

2013-07-31 10:34:24 02FF609154844EB08D9128EDFB377206 3414136 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\WinClonHelp.exe

2013-07-31 10:34:23 F9B6936DE631F014E1611D6FC45F7A35 3072512 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\Restore.exe

2013-07-31 10:34:23 748E3755D83E56206F810BE3626C88B2 97280 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\BOOTSECT.EXE

2013-07-31 10:34:22 1A5EF19CAFF0A8DD1C1A34E1236972CB 72760 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\SabiDriverInstaller.exe

2013-07-31 10:34:00 DF5B27CD5ADD0FAAA33998EEF09AE4FC 11120192 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\SamsungRecoverySolution-Uninstall.exe

2013-07-31 10:34:00 81471CD8F0A6B46DF021C507B56F47C4 4471416 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

2013-07-31 10:33:59 CD427E4A21C5B94F8EA3BA19E8720717 1448568 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\InstallManager.exe

2013-07-31 10:33:59 CD427E4A21C5B94F8EA3BA19E8720717 1448568 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\InstallManager.exe

2013-07-31 10:33:59 73A87D24B745BEA5378A844C75565212 8345720 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\Manager1.exe

2013-07-31 10:33:59 73A87D24B745BEA5378A844C75565212 8345720 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Manager1.exe

2013-07-31 10:33:59 12A907D67A618DD093CD0B4CCA0507F9 1139832 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\PreventAuto.exe

2013-07-31 10:33:58 EB393698D11FAFBD1CC00D6EB4E8153E 1367160 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\InstDrv.exe

2013-07-31 10:33:58 717779B6F2E6503EC8C2A785CFC4B3A2 4200568 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\GoRecovery.exe

2013-07-31 10:33:58 717779B6F2E6503EC8C2A785CFC4B3A2 4200568 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\GoRecovery.exe

2013-07-31 10:33:57 C096CC7AF95F476438F476F2DDA9E598 2585088 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WinClon.exe

2013-07-31 10:33:57 C096CC7AF95F476438F476F2DDA9E598 2585088 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\WinClon.exe

2013-07-31 10:33:48 0A08CBFCC592D691CBC197335DE98DD3 380136 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe

2013-07-30 15:24:39 5A2F938939EAAD5B3328867D57F21ABE 7648648 ----a-w- C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe

2013-07-30 15:24:39 0E10142276BE74CF0D6E91C0140F1274 7626512 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Avg2013\update\backup\avgmfapx.exe

2013-07-29 17:41:29 46B46A93FFC6C17A726F0E33574652CA 814536 ----a-w- C:\Program Files (x86)\Wifi-fikser\unins000.exe

2013-07-29 17:39:30 EA9A512F4773B7EB510E28F72AEEB555 49077880 ----a-w- C:\Users\davy\Downloads\wifi-fikser.exe

=== C: other files ==

2013-07-31 10:38:33 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-07-31 10:34:41 62DB6CC4B0818F1B5F3441241B098F12 13824 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Sabi.sys

2013-07-31 10:34:22 6E5FBB7CBAEC47038B945D5E9B144A64 10752 ----a-w- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Update\Sabi.sys

2013-07-30 15:29:04 0F12F47268CE663E833F98A986379950 1374879 ----a-w- C:\Program Files (x86)\AVG\AVG2013\banners\banners.zip

2013-07-29 19:59:28 A4F926E9B20B0CCB249B12B08B6DDB8F 116577 ----a-w- C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177\extensions\adblockpopups@jessehakanen.net.xpi

2013-07-29 19:59:28 9C2A99980EFD4CC1337B4CB29BE150C3 36098 ----a-w- C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

2013-07-29 15:16:59 5294DEE34D094B14D7E2697E9BB880B5 257167 ----a-w- C:\ProgramData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx

2013-07-28 19:42:53 A4F926E9B20B0CCB249B12B08B6DDB8F 116577 ----a-w- C:\Users\davy\Desktop\Oude Firefox-gegevens\extensions\adblockpopups@jessehakanen.net.xpi

2013-07-28 19:42:53 9C2A99980EFD4CC1337B4CB29BE150C3 36098 ----a-w- C:\Users\davy\Desktop\Oude Firefox-gegevens\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-484767537-997032317-2889712682-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_USERS\S-1-5-21-484767537-997032317-2889712682-1000\Software\Microsoft\Windows\CurrentVersion\runonce]

"Shockwave Updater"="C:\windows\SysWOW64\Adobe\Shockwave 12\SwHelper_1200112.exe -Update"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="C:\windows\SysWOW64\Adobe\Shockwave 12\SwHelper_1200112.exe -Update"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TomTomHOME.exe"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29/07/2013 21:47]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/06/2012 13:03]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/06/2012 13:03]

==== Firefox Extensions ======================

ProfilePath: C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177

- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi

- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177

D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

0C8597DBC74AAF5179471BA013E3C6B4 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\davy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

546A28FBC44B984FD92530227BF6F5C2 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\davy\AppData\Roaming\Mozilla\Firefox\Profiles\rl7akzqq.default-1375040568263

0C8597DBC74AAF5179471BA013E3C6B4 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\davy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

546A28FBC44B984FD92530227BF6F5C2 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.3.0.11\avg.crx[27/06/2013 07:30]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\davy\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[17/10/2012 19:16]

YouTube - davy - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - davy - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail - davy - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={CA5DC378-9C50-426C-A8CF-B2E057BD4960}&mid=f8e32846f32047d092ad394adc48cf41-d0198e489aa2db99aae3f70244d53b3ce5923f58〈=nl&ds=AVG&pr=fr&d=2012-06-23"

==== Reset Google Chrome ======================

C:\users\davy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\davy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\davy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\davy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\davy\AppData\Local\Mozilla\Firefox\Profiles\nw2yx0rh.default-1347215505177\Cache emptied successfully

C:\users\davy\AppData\Local\Mozilla\Firefox\Profiles\rl7akzqq.default-1375040568263\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\davy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied

C:\Users\davy\AppData\Local\Temp successfully emptied

==== EOF on do 01/08/2013 at 13:49:30,51 ======================

kape · 1 augustus 2013

Hoe gaat het nu met openen van pagina's en verbinding met internet ?

davy01 · 1 augustus 2013

merk niet echt een verschil, enkele dagen terug was het klik en pagina was open, nu is het klik en enkele seconden eer de pagina geladen is.

en soms duurt het echt lang even eer een pagina open is en dat had ik anders ook niet.

daarjuist nog een snelheidstest gedaan chrome 39.99 mbps firefox 17.38 mbps in de loop van de dag was het eens 45mbps.

ik weet dat draadloos verlies heeft maar van 120mbps naar deze aantallen vindt ik wat weinig nee?

davy01 · 1 augustus 2013

merk niet echt een verschil, enkele dagen terug was het klik en pagina was open, nu is het klik en enkele seconden eer de pagina geladen is.
en soms duurt het echt lang even eer een pagina open is en dat had ik anders ook niet.

daarjuist nog een snelheidstest gedaan chrome 39.99 mbps firefox 17.38 mbps in de loop van de dag was het eens 45mbps.

ik weet dat draadloos verlies heeft maar van 120mbps naar deze aantallen vindt ik wat weinig nee?

ook krijg ik geregeld melding dat er geen verbinding kan gemaakt worden met de pagina, dan vernieuw ik en lukt het wel

Inloggen

sinds enkele dagen traag internet

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie