Mededeling

Collapse
No announcement yet.

verplaatst uit forum windows7

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • verplaatst uit forum windows7

    zZou iemand kunnen kijken naar dit dds bestand, ik heb een soort ratelende computer.Het is niet de harde schijf maar het lijkt erop dat er allemaal bestanden werken waarvan ik niks van weet.
    DE computer is traag .
    Alvast bedankt.






    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
    Run by anja vink at 21:44:40 on 2013-07-16
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1554 [GMT 2:00]
    .
    AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
    SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norman Security Suite *Disabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\Norman\Npm\Bin\elogsvc.exe
    C:\Program Files\Norman\Ngs\Bin\Nnf.exe
    C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Program Files\Norman\Npm\Bin\Zanda.exe
    C:\Program Files\Norman\npm\bin\nvoy.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Prey\platform\windows\cronsvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
    C:\Program Files\Norman\Npt\Bin\Npsvc32.exe
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Bandoo\Bandoo.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Norman\Npm\Bin\scheduler.exe
    C:\Program Files\Norman\Npm\Bin\Njeeves.exe
    C:\Program Files\Norman\nig\bin\nigsvc32.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\Norman\Npm\Bin\zlh.exe
    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files\AirPort\APAgent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
    C:\Program Files\Samsung\Kies\Kies.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Norman\nig\bin\niguser.exe
    C:\Program Files\Norman\npf\bin\npfsvc32.exe
    C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Nero\Update\NASvc.exe
    C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
    C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
    C:\Program Files\Norman\Nvc\bin\nhs.exe
    C:\Program Files\Norman\Nvc\Bin\cclaw.exe
    C:\Program Files\Bandoo\BndCore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\System32\svchost.exe -k secsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.startpagina.nl/
    uSearch Bar = hxxp://www.bing.com/search?q={searchTerms}
    uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
    uDefault_Page_URL = hxxp://www.aldi.com
    uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
    mURLSearchHooks: {b80f591e-fe9a-46cf-a13e-180377240586} - <orphaned>
    BHO: URL Blocker: {00e71626-0bef-11dc-8314-0800200c9a66} - c:\program files\norman\nig\bin\nigbho.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: {b80f591e-fe9a-46cf-a13e-180377240586} - <orphaned>
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: BandooIEPlugin Class: {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - c:\program files\bandoo\plugins\ie\ieplugin.dll
    TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
    TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
    TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
    uRun: [Java(TM) Platform SEHKCU] c:\users\anja vink\appdata\roaming\system32\taskmgr.exe
    uRun: [NETGEARGenie] "c:\program files\netgear genie\bin\NETGEARGenie.exe" -mini -redirect
    uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
    uRun: c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [RIMDeviceManager] c:\program files\common files\research in motion\rimdevicemanager\RIMDeviceManager.exe" -RunServer
    mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
    mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
    mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
    StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
    TCP: NameServer = 10.0.0.1
    TCP: Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A} : DHCPNameServer = 10.0.0.1
    TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB} : DHCPNameServer = 10.0.0.1
    TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}\E45445745414251343 : DHCPNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= c:\progra~1\bandoo\bndhook.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\anja vink\appdata\roaming\mozilla\firefox\profiles\c7a3kp0r.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\common files\nero\browserplugin\npBrowserPlugin.dll
    FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    P2 NPFSvc32;Norman Personal Firewall Service;c:\program files\norman\npf\bin\npfsvc32.exe [2012-6-11 356904]
    R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-4-30 102448]
    R1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-7-13 99088]
    R1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2012-6-11 26744]
    R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2011-7-13 91136]
    R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerber us\53984\RapportCerberus32_53984.sys [2013-6-23 317424]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-4-30 103120]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-4-30 174320]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128]
    R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-29 23552]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-8-30 13336]
    R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
    R2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\ndiskio.sys [2011-7-13 22880]
    R2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\netgear genie\bin\NETGEARGenieDaemon.exe [2012-9-25 195400]
    R2 NHS;Norman Hash Server;c:\program files\norman\nvc\bin\nhs.exe [2013-2-12 793520]
    R2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2012-6-11 231216]
    R2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\zanda.exe [2012-6-11 431320]
    R2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2012-6-11 90144]
    R2 npsvc32;Norman Privacy Service;c:\program files\norman\npt\bin\npsvc32.exe [2012-6-11 475864]
    R2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2012-6-11 61496]
    R2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2012-6-11 100936]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-4-30 1124632]
    R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
    R3 NIG;Norman Intrusion Guard;c:\program files\norman\nig\bin\nigsvc32.exe [2012-6-11 373424]
    R3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\nsesvc.exe [2013-4-4 289048]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-4-27 64904]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-4-27 146568]
    R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcv32mf.sys [2012-9-12 48376]
    R3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\nvcoas.exe [2012-7-4 287312]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-30 267880]
    R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-11-25 603240]
    R3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2012-6-11 99312]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-7 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
    S3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-30 1343400]
    S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
    .
    =============== Created Last 30 ================
    .
    2013-07-16 19:25:54 -------- d-----w- c:\users\anja vink\appdata\local\{A6759BA2-E827-4414-859F-2B08A164C68A}
    2013-07-16 15:38:15 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{41356c8e-63f5-4561-afae-9de472586b6f}\mpengine.dll
    2013-07-15 15:01:04 -------- d-----w- c:\users\anja vink\appdata\local\{63E2C08E-0B13-4FF5-9D10-D944EA63108D}
    2013-07-14 08:48:41 -------- d-----w- c:\users\anja vink\appdata\local\{E9AB98DB-4AA2-48AE-AC2E-32AFFC43C5CD}
    2013-07-13 09:23:41 -------- d-----w- c:\users\anja vink\appdata\local\{724459EB-D9F2-4142-83EE-DC606E04631B}
    2013-07-12 21:23:16 -------- d-----w- c:\users\anja vink\appdata\local\{B82DA318-CEF7-4083-A466-BD29DEFD7DDA}
    2013-07-12 09:22:50 -------- d-----w- c:\users\anja vink\appdata\local\{53BDA561-B884-46AE-BFC8-6D30F97A3B45}
    2013-07-11 20:54:23 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2013-07-11 20:54:23 1247744 ----a-w- c:\windows\system32\DWrite.dll
    2013-07-11 20:54:22 509440 ----a-w- c:\windows\system32\qedit.dll
    2013-07-11 20:54:22 2347520 ----a-w- c:\windows\system32\win32k.sys
    2013-07-11 20:54:17 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
    2013-07-11 20:54:17 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
    2013-07-11 20:54:17 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
    2013-07-11 20:54:17 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
    2013-07-11 20:54:06 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
    2013-07-11 20:54:06 392704 ----a-w- c:\program files\windows defender\MpClient.dll
    2013-07-11 20:54:06 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
    2013-07-11 20:27:22 -------- d-----w- c:\users\anja vink\appdata\local\Albelli Fotoboeken
    2013-07-11 16:38:40 -------- d-----w- c:\users\anja vink\appdata\local\{6713C70F-DB2D-4185-B812-F97C67E901E0}
    2013-07-09 15:15:39 -------- d-----w- c:\users\anja vink\appdata\local\{9957322D-9019-41A1-AE30-42B1AA218808}
    2013-07-08 15:20:43 -------- d-----w- c:\users\anja vink\appdata\local\{AFEB214F-8994-4396-8425-2BF691CB5159}
    2013-07-06 20:18:12 -------- d-----w- c:\users\anja vink\appdata\local\{4FD3069C-D99A-4D59-BB25-97B53B220B94}
    2013-07-06 08:18:00 -------- d-----w- c:\users\anja vink\appdata\local\{4FD4B799-06EC-4D91-AD75-A69BEE5516E3}
    2013-07-05 19:55:42 -------- d-----w- c:\users\anja vink\appdata\local\{A6763541-636D-4F53-9ED0-E3F3C4595A9F}
    2013-07-04 14:15:28 -------- d-----w- c:\users\anja vink\appdata\local\{EADE6411-F02C-4EDD-A272-EA2FA1540C08}
    2013-07-03 20:32:35 -------- d-----w- c:\users\anja vink\appdata\local\{5AAC1763-A63C-408F-9099-D5BD99B15B5F}
    2013-07-02 18:57:16 -------- d-----w- c:\users\anja vink\appdata\local\{7F2073AB-3A63-41E2-BB16-F938B451476D}
    2013-07-01 21:21:01 -------- d-----w- c:\program files\Medieval Software
    2013-07-01 16:05:17 -------- d-----w- c:\users\anja vink\appdata\local\{6F3A763F-2BDD-4380-94AC-3699AD989703}
    2013-06-30 14:14:52 -------- d-----w- c:\users\anja vink\appdata\local\{B39BD3F8-99AE-4BCD-AE12-953D1816ED6A}
    2013-06-28 17:15:54 -------- d-----w- c:\users\anja vink\appdata\local\{957EFF73-53E2-43EB-8EB2-A4481FCDA178}
    2013-06-27 11:41:09 -------- d-----w- c:\users\anja vink\appdata\local\{17073FD1-85E5-46F2-BD24-A2DE22D65184}
    2013-06-26 15:08:43 -------- d-----w- c:\users\anja vink\appdata\local\{B0001EBA-7F66-4AD9-9840-379255038D6D}
    2013-06-25 17:36:51 -------- d-----w- c:\users\anja vink\appdata\local\{5973E422-F0E4-47D7-8F44-9185EDE75C12}
    2013-06-24 16:16:35 -------- d-----w- c:\users\anja vink\appdata\local\{83F0A825-772B-4B82-A2EE-4EC5FD4EA0DB}
    2013-06-23 09:15:31 -------- d-----w- c:\users\anja vink\appdata\local\{896C4A2A-3B4D-49DC-9A31-41AA1273029C}
    2013-06-22 21:25:10 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-06-22 21:24:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-06-22 11:39:28 -------- d-----w- c:\users\anja vink\appdata\local\{7A806967-3714-4A65-B94C-F5C09EBA8F87}
    2013-06-21 23:39:03 -------- d-----w- c:\users\anja vink\appdata\local\{91B63B02-4AC1-46B5-AE2C-0771EA48470A}
    2013-06-21 11:38:37 -------- d-----w- c:\users\anja vink\appdata\local\{AF24434B-E3EF-4C74-BA40-FD9B0FB399DF}
    2013-06-20 16:29:01 -------- d-----w- c:\users\anja vink\appdata\local\{B96D464B-35CD-4F1D-917D-DE746B82BFCB}
    2013-06-19 15:30:43 -------- d-----w- c:\users\anja vink\appdata\local\{1CB60CE6-4E0B-4A8F-9FDD-DCF4F3F412E5}
    2013-06-18 18:14:59 -------- d-----w- c:\users\anja vink\appdata\local\{2B3E506B-4FA1-47CC-AAED-B720CCD3E3D5}
    2013-06-17 17:38:11 -------- d-----w- c:\users\anja vink\appdata\local\{5928725E-5274-4DAB-BBB1-8E69FAB6EA1E}
    .
    ==================== Find3M ====================
    .
    2013-07-16 19:44:29 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
    2013-06-22 21:24:29 789416 ----a-w- c:\windows\system32\deployJava1.dll
    2013-06-12 17:38:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-06-12 17:38:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
    2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
    2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
    2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
    2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
    2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
    2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
    2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
    2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
    2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2013-04-29 23:28:50 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll
    2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll
    .
    ============= FINISH: 22:15:58,31 ===============

  • #2
    Hoi hanswil ,

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub .
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Stap 1:

    Malware scannen en verwijderen....


    Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links: Dubbelklik op mbam-setup.exe om het programma te installeren.

    Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
    Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

    Zorg dat er na de installatie een vinkje is geplaatst bij:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.



    Zodra het programma gestart is, ga je naar het tabblad "Instellingen".
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!

    ___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Opmerking:Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    Beveiligingssoftware uitschakelen.

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner en klik op Verwijderen

    • KLIK HIER voor een vergroting! 
    • Klik bij AdwCleaner – Information op OK
    • Klik bij AdwCleaner – Restart Required op OK

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

    ___________________________________________________________

    Stap 4:

    Controle op updates...

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.

    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2013.07.19.09

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 10.0.9200.16635
      anja vink :: ANJAVINK-PC [administrator]

      19-7-2013 22:01:59
      mbam-log-2013-07-19 (22-01-59).txt

      Scan type: Volledige scan (C:\|D:\|)
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 1054723
      Verstreken tijd: 11 uur/uren, 46 minuut/minuten, 54 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 1
      C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

      (einde)

      Comment


      • #4
        Malwarebytes Anti-Malware 1.75.0.1300
        www.malwarebytes.org

        Databaseversie: v2013.07.20.03

        Windows 7 Service Pack 1 x86 NTFS
        Internet Explorer 10.0.9200.16635
        anja vink :: ANJAVINK-PC [administrator]

        20-7-2013 10:49:29
        mbam-log-2013-07-20 (10-49-29).txt

        Scan type: Snelle scan
        Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
        Uitgeschakelde scan opties: P2P
        Objecten gescand: 242151
        Verstreken tijd: 23 minuut/minuten, 4 seconde(n)

        Geheugenprocessen gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Geheugenmodulen gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Registersleutels gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Registerwaarden gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Registerdata gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Mappen gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Bestanden gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        (einde)

        Comment


        • #5
          # AdwCleaner v2.306 - Verslag gemaakt op 20/07/2013 om 11:29:15
          # Geactualiseerd op 19/07/2013 door Xplode
          # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
          # Gebruiker : anja vink - ANJAVINK-PC
          # Opstarten Modus : Normale modus
          # Gelanceerd vanaf : C:\Users\anja vink\Desktop\adwcleaner.exe
          # Optie [Zoeken]


          ***** [Diensten] *****

          Aanwezig : Bandoo Coordinator

          ***** [Files / Mappen] *****

          File Aanwezig : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
          Map Aanwezig : C:\Program Files\Bandoo
          Map Aanwezig : C:\Program Files\BrowserCompanion
          Map Aanwezig : C:\Program Files\Conduit
          Map Aanwezig : C:\Program Files\ConduitEngine
          Map Aanwezig : C:\Program Files\Linkury
          Map Aanwezig : C:\ProgramData\Bandoo
          Map Aanwezig : C:\ProgramData\Linkury
          Map Aanwezig : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
          Map Aanwezig : C:\ProgramData\Partner
          Map Aanwezig : C:\Users\anja vink\AppData\Local\Conduit
          Map Aanwezig : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
          Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\Bandoo
          Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\Conduit
          Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\ConduitEngine
          Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\PriceGong
          Map Aanwezig : C:\Users\anja vink\AppData\Roaming\Bandoo
          Map Aanwezig : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\extensions\[email protected]

          ***** [Register] *****

          Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit
          Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\conduitEngine
          Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\conduitEngine
          Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Elf_1.13
          Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\PriceGong
          Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\SmartBar
          Sleutel Aanwezig : HKCU\Software\AppDataLow\Toolbar
          Sleutel Aanwezig : HKCU\Software\Blabbers
          Sleutel Aanwezig : HKCU\Software\BrowserCompanion
          Sleutel Aanwezig : HKCU\Software\Conduit
          Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
          Sleutel Aanwezig : HKCU\Software\Softonic
          Sleutel Aanwezig : HKLM\Software\Bandoo
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\secman.DLL
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Conduit.Engine
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
          Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
          Sleutel Aanwezig : HKLM\Software\Conduit
          Sleutel Aanwezig : HKLM\Software\conduitEngine
          Sleutel Aanwezig : HKLM\Software\conduitEngine
          Sleutel Aanwezig : HKLM\Software\Elf_1.13
          Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56D7B0EC-ED0F-4A80-8750-433A834F4362}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B80F591E-FE9A-46CF-A13E-180377240586}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
          Sleutel Aanwezig : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
          Sleutel Aanwezig : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
          Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
          Sleutel Aanwezig : HKU\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
          Sleutel Aanwezig : HKU\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
          Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
          Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
          Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
          Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
          Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
          Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
          Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]

          ***** [Browsers] *****

          -\\ Internet Explorer v10.0.9200.16635

          [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}

          -\\ Mozilla Firefox v19.0.2 (nl)

          File : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\prefs.js

          [OK] De file bevat geen enkele ongeoorloofde invoer.

          -\\ Google Chrome v28.0.1500.72

          File : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Preferences

          [OK] De file bevat geen enkele ongeoorloofde invoer.

          *************************

          AdwCleaner[R1].txt - [15314 octets] - [20/07/2013 11:29:15]

          ########## EOF - C:\AdwCleaner[R1].txt - [15375 octets] ##########

          Comment


          • #6
            # AdwCleaner v2.306 - Verslag gemaakt op 20/07/2013 om 11:32:09
            # Geactualiseerd op 19/07/2013 door Xplode
            # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
            # Gebruiker : anja vink - ANJAVINK-PC
            # Opstarten Modus : Normale modus
            # Gelanceerd vanaf : C:\Users\anja vink\Desktop\adwcleaner.exe
            # Optie [Verwijderen]


            ***** [Diensten] *****

            Gestopt & Verwijdert : Bandoo Coordinator

            ***** [Files / Mappen] *****

            File Verwijderd : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
            Map Verwijderd : C:\Program Files\Bandoo
            Map Verwijderd : C:\Program Files\BrowserCompanion
            Map Verwijderd : C:\Program Files\Conduit
            Map Verwijderd : C:\Program Files\ConduitEngine
            Map Verwijderd : C:\Program Files\Linkury
            Map Verwijderd : C:\ProgramData\Bandoo
            Map Verwijderd : C:\ProgramData\Linkury
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
            Map Verwijderd : C:\ProgramData\Partner
            Map Verwijderd : C:\Users\anja vink\AppData\Local\Conduit
            Map Verwijderd : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
            Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\Bandoo
            Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\Conduit
            Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\ConduitEngine
            Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\PriceGong
            Map Verwijderd : C:\Users\anja vink\AppData\Roaming\Bandoo
            Map Verwijderd : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\extensions\[email protected]

            ***** [Register] *****

            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\conduitEngine
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Elf_1.13
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar
            Sleutel Verwijderd : HKCU\Software\Blabbers
            Sleutel Verwijderd : HKCU\Software\BrowserCompanion
            Sleutel Verwijderd : HKCU\Software\Conduit
            Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
            Sleutel Verwijderd : HKCU\Software\Softonic
            Sleutel Verwijderd : HKLM\Software\Bandoo
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
            Sleutel Verwijderd : HKLM\Software\Conduit
            Sleutel Verwijderd : HKLM\Software\conduitEngine
            Sleutel Verwijderd : HKLM\Software\Elf_1.13
            Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56D7B0EC-ED0F-4A80-8750-433A834F4362}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B80F591E-FE9A-46CF-A13E-180377240586}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
            Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
            Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
            Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]

            ***** [Browsers] *****

            -\\ Internet Explorer v10.0.9200.16635

            Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com

            -\\ Mozilla Firefox v19.0.2 (nl)

            File : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\prefs.js

            [OK] De file bevat geen enkele ongeoorloofde invoer.

            -\\ Google Chrome v28.0.1500.72

            File : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Preferences

            [OK] De file bevat geen enkele ongeoorloofde invoer.

            *************************

            AdwCleaner[R1].txt - [15445 octets] - [20/07/2013 11:29:15]
            AdwCleaner[R2].txt - [15506 octets] - [20/07/2013 11:31:22]
            AdwCleaner[S1].txt - [14585 octets] - [20/07/2013 11:32:09]

            ########## EOF - C:\AdwCleaner[S1].txt - [14646 octets] ##########

            Comment


            • #7
              DDS (Ver_2012-11-20.01) - NTFS_x86
              Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
              Run by anja vink at 11:39:46 on 2013-07-20
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1478 [GMT 2:00]
              .
              AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
              SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
              SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              FW: Norman Security Suite *Enabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
              .
              ============== Running Processes ================
              .
              C:\Windows\system32\wininit.exe
              C:\Windows\system32\lsm.exe
              C:\Program Files\Norman\Npm\Bin\elogsvc.exe
              C:\Program Files\Norman\Ngs\Bin\Nnf.exe
              C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
              C:\Windows\system32\atiesrxx.exe
              C:\Program Files\Norman\Npm\Bin\Zanda.exe
              C:\Program Files\Norman\npm\bin\nvoy.exe
              C:\Windows\system32\atieclxx.exe
              C:\Windows\System32\spoolsv.exe
              C:\Windows\system32\taskhost.exe
              C:\Windows\system32\Dwm.exe
              C:\Windows\Explorer.EXE
              C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
              C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
              C:\Windows\system32\taskeng.exe
              C:\Prey\platform\windows\cronsvc.exe
              C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
              C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
              C:\Program Files\Norman\Npt\Bin\Npsvc32.exe
              C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
              C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
              c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
              C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
              C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
              C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
              C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
              C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
              C:\Program Files\Norman\Npm\Bin\zlh.exe
              C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
              C:\Program Files\AirPort\APAgent.exe
              C:\Program Files\Norman\Nvc\bin\nhs.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
              C:\Program Files\iTunes\iTunesHelper.exe
              C:\Windows\System32\WUDFHost.exe
              C:\Program Files\Norman\Npm\Bin\scheduler.exe
              C:\Program Files\Norman\Npm\Bin\Njeeves.exe
              C:\Program Files\Norman\nig\bin\nigsvc32.exe
              C:\Program Files\Common Files\Java\Java Update\jusched.exe
              C:\Program Files\Norman\nig\bin\niguser.exe
              C:\Program Files\iPod\bin\iPodService.exe
              C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
              C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
              C:\Program Files\Samsung\Kies\Kies.exe
              C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
              C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
              C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
              C:\Program Files\Norman\npf\bin\npfsvc32.exe
              C:\Program Files\Norman\Nvc\Bin\cclaw.exe
              C:\Program Files\Windows Media Player\wmpnetwk.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Windows\servicing\TrustedInstaller.exe
              C:\Windows\system32\DllHost.exe
              C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
              C:\Program Files\Nero\Update\NASvc.exe
              C:\Windows\system32\sppsvc.exe
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Windows\system32\DllHost.exe
              C:\Windows\system32\DllHost.exe
              C:\Windows\system32\conhost.exe
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Prey\platform\windows\bin\bash.exe
              C:\Windows\system32\conhost.exe
              C:\Windows\system32\svchost.exe -k DcomLaunch
              C:\Windows\system32\svchost.exe -k RPCSS
              C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
              C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
              C:\Windows\system32\svchost.exe -k LocalService
              C:\Windows\system32\svchost.exe -k netsvcs
              C:\Windows\system32\svchost.exe -k NetworkService
              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
              C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
              C:\Windows\system32\svchost.exe -k imgsvc
              C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
              C:\Windows\System32\svchost.exe -k LocalServicePeerNet
              C:\Windows\System32\svchost.exe -k secsvcs
              C:\Windows\system32\svchost.exe -k SDRSVC
              .
              ============== Pseudo HJT Report ===============
              .
              uStart Page = hxxp://www.startpagina.nl/
              uSearch Bar = hxxp://www.bing.com/search?q={searchTerms}
              uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
              uDefault_Page_URL = hxxp://www.aldi.com
              uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
              BHO: URL Blocker: {00e71626-0bef-11dc-8314-0800200c9a66} - c:\program files\norman\nig\bin\nigbho.dll
              BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
              BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
              BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
              BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
              TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
              uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
              uRun: [Java(TM) Platform SEHKCU] c:\users\anja vink\appdata\roaming\system32\taskmgr.exe
              uRun: [NETGEARGenie] "c:\program files\netgear genie\bin\NETGEARGenie.exe" -mini -redirect
              uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
              uRun: c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
              uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
              uRun: [RIMDeviceManager] c:\program files\common files\research in motion\rimdevicemanager\RIMDeviceManager.exe" -RunServer
              mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
              mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
              mRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
              mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
              mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
              mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
              mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
              mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
              mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
              mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
              mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
              mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
              mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
              StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
              StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
              mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
              mPolicies-System: ConsentPromptBehaviorUser = dword:3
              mPolicies-System: EnableUIADesktopToggle = dword:0
              IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
              IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
              IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
              IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
              IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
              DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
              TCP: NameServer = 10.0.0.1
              TCP: Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A} : DHCPNameServer = 10.0.0.1
              TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB} : DHCPNameServer = 10.0.0.1
              TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}\E45445745414251343 : DHCPNameServer = 192.168.1.1
              Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
              Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
              Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
              AppInit_DLLs= c:\progra~1\bandoo\bndhook.dll
              SSODL: WebCheck - <orphaned>
              mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
              .
              ================= FIREFOX ===================
              .
              FF - ProfilePath - c:\users\anja vink\appdata\roaming\mozilla\firefox\profiles\c7a3kp0r.default\
              FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
              FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
              FF - plugin: c:\program files\common files\nero\browserplugin\npBrowserPlugin.dll
              FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
              FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
              FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
              FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
              FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
              FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
              FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
              .
              ============= SERVICES / DRIVERS ===============
              .
              R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-4-30 102448]
              R1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-7-13 99088]
              R1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2012-6-11 26744]
              R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2011-7-13 91136]
              R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerber us\53984\RapportCerberus32_53984.sys [2013-6-23 317424]
              R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-4-30 103120]
              R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-4-30 174320]
              R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128]
              R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-29 23552]
              R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-8-30 13336]
              R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
              R2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\ndiskio.sys [2011-7-13 22880]
              R2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\netgear genie\bin\NETGEARGenieDaemon.exe [2012-9-25 195400]
              R2 NHS;Norman Hash Server;c:\program files\norman\nvc\bin\nhs.exe [2013-2-12 793520]
              R2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2012-6-11 231216]
              R2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\zanda.exe [2012-6-11 431320]
              R2 NPFSvc32;Norman Personal Firewall Service;c:\program files\norman\npf\bin\npfsvc32.exe [2012-6-11 356904]
              R2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2012-6-11 90144]
              R2 npsvc32;Norman Privacy Service;c:\program files\norman\npt\bin\npsvc32.exe [2012-6-11 475864]
              R2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2012-6-11 61496]
              R2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2012-6-11 100936]
              R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-4-30 1124632]
              R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
              R3 NIG;Norman Intrusion Guard;c:\program files\norman\nig\bin\nigsvc32.exe [2012-6-11 373424]
              R3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\nsesvc.exe [2013-4-4 289048]
              R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-4-27 64904]
              R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-4-27 146568]
              R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcv32mf.sys [2012-9-12 48376]
              R3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\nvcoas.exe [2012-7-4 287312]
              R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-30 267880]
              R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-11-25 603240]
              R3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2012-6-11 99312]
              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
              S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
              S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
              S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-7 39272]
              S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
              S3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
              S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
              S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
              S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-30 1343400]
              S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
              .
              =============== Created Last 30 ================
              .
              2013-07-20 08:28:21 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\offreg.dll
              2013-07-19 21:16:58 -------- d-----w- c:\users\anja vink\appdata\local\{D4446C6F-5773-4F9F-960A-4DC5DA373D44}
              2013-07-19 19:56:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
              2013-07-19 19:56:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
              2013-07-19 16:33:45 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\mpengine.dll
              2013-07-18 16:03:10 -------- d-----w- c:\users\anja vink\appdata\local\{A1FE9281-97F1-44A7-830B-38AD28BAA8D0}
              2013-07-16 19:25:54 -------- d-----w- c:\users\anja vink\appdata\local\{A6759BA2-E827-4414-859F-2B08A164C68A}
              2013-07-15 15:01:04 -------- d-----w- c:\users\anja vink\appdata\local\{63E2C08E-0B13-4FF5-9D10-D944EA63108D}
              2013-07-14 08:48:41 -------- d-----w- c:\users\anja vink\appdata\local\{E9AB98DB-4AA2-48AE-AC2E-32AFFC43C5CD}
              2013-07-13 09:23:41 -------- d-----w- c:\users\anja vink\appdata\local\{724459EB-D9F2-4142-83EE-DC606E04631B}
              2013-07-12 21:23:16 -------- d-----w- c:\users\anja vink\appdata\local\{B82DA318-CEF7-4083-A466-BD29DEFD7DDA}
              2013-07-12 09:22:50 -------- d-----w- c:\users\anja vink\appdata\local\{53BDA561-B884-46AE-BFC8-6D30F97A3B45}
              2013-07-11 20:54:23 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
              2013-07-11 20:54:23 1247744 ----a-w- c:\windows\system32\DWrite.dll
              2013-07-11 20:54:22 509440 ----a-w- c:\windows\system32\qedit.dll
              2013-07-11 20:54:22 2347520 ----a-w- c:\windows\system32\win32k.sys
              2013-07-11 20:54:17 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
              2013-07-11 20:54:17 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
              2013-07-11 20:54:17 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
              2013-07-11 20:54:17 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
              2013-07-11 20:54:06 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
              2013-07-11 20:54:06 392704 ----a-w- c:\program files\windows defender\MpClient.dll
              2013-07-11 20:54:06 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
              2013-07-11 20:27:22 -------- d-----w- c:\users\anja vink\appdata\local\Albelli Fotoboeken
              2013-07-11 16:38:40 -------- d-----w- c:\users\anja vink\appdata\local\{6713C70F-DB2D-4185-B812-F97C67E901E0}
              2013-07-09 15:15:39 -------- d-----w- c:\users\anja vink\appdata\local\{9957322D-9019-41A1-AE30-42B1AA218808}
              2013-07-08 15:20:43 -------- d-----w- c:\users\anja vink\appdata\local\{AFEB214F-8994-4396-8425-2BF691CB5159}
              2013-07-06 20:18:12 -------- d-----w- c:\users\anja vink\appdata\local\{4FD3069C-D99A-4D59-BB25-97B53B220B94}
              2013-07-06 08:18:00 -------- d-----w- c:\users\anja vink\appdata\local\{4FD4B799-06EC-4D91-AD75-A69BEE5516E3}
              2013-07-05 19:55:42 -------- d-----w- c:\users\anja vink\appdata\local\{A6763541-636D-4F53-9ED0-E3F3C4595A9F}
              2013-07-04 14:15:28 -------- d-----w- c:\users\anja vink\appdata\local\{EADE6411-F02C-4EDD-A272-EA2FA1540C08}
              2013-07-03 20:32:35 -------- d-----w- c:\users\anja vink\appdata\local\{5AAC1763-A63C-408F-9099-D5BD99B15B5F}
              2013-07-02 18:57:16 -------- d-----w- c:\users\anja vink\appdata\local\{7F2073AB-3A63-41E2-BB16-F938B451476D}
              2013-07-01 21:21:01 -------- d-----w- c:\program files\Medieval Software
              2013-07-01 16:05:17 -------- d-----w- c:\users\anja vink\appdata\local\{6F3A763F-2BDD-4380-94AC-3699AD989703}
              2013-06-30 14:14:52 -------- d-----w- c:\users\anja vink\appdata\local\{B39BD3F8-99AE-4BCD-AE12-953D1816ED6A}
              2013-06-28 17:15:54 -------- d-----w- c:\users\anja vink\appdata\local\{957EFF73-53E2-43EB-8EB2-A4481FCDA178}
              2013-06-27 11:41:09 -------- d-----w- c:\users\anja vink\appdata\local\{17073FD1-85E5-46F2-BD24-A2DE22D65184}
              2013-06-26 15:08:43 -------- d-----w- c:\users\anja vink\appdata\local\{B0001EBA-7F66-4AD9-9840-379255038D6D}
              2013-06-25 17:36:51 -------- d-----w- c:\users\anja vink\appdata\local\{5973E422-F0E4-47D7-8F44-9185EDE75C12}
              2013-06-24 16:16:35 -------- d-----w- c:\users\anja vink\appdata\local\{83F0A825-772B-4B82-A2EE-4EC5FD4EA0DB}
              2013-06-23 09:15:31 -------- d-----w- c:\users\anja vink\appdata\local\{896C4A2A-3B4D-49DC-9A31-41AA1273029C}
              2013-06-22 21:25:10 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
              2013-06-22 21:24:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
              2013-06-22 11:39:28 -------- d-----w- c:\users\anja vink\appdata\local\{7A806967-3714-4A65-B94C-F5C09EBA8F87}
              2013-06-21 23:39:03 -------- d-----w- c:\users\anja vink\appdata\local\{91B63B02-4AC1-46B5-AE2C-0771EA48470A}
              2013-06-21 11:38:37 -------- d-----w- c:\users\anja vink\appdata\local\{AF24434B-E3EF-4C74-BA40-FD9B0FB399DF}
              2013-06-20 16:29:01 -------- d-----w- c:\users\anja vink\appdata\local\{B96D464B-35CD-4F1D-917D-DE746B82BFCB}
              .
              ==================== Find3M ====================
              .
              2013-07-20 09:39:58 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
              2013-06-22 21:24:29 789416 ----a-w- c:\windows\system32\deployJava1.dll
              2013-06-12 17:38:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
              2013-06-12 17:38:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
              2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
              2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
              2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
              2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
              2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
              2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
              2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
              2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
              2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
              2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
              2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
              2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
              2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
              2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
              2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
              2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
              2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
              2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
              2013-04-29 23:28:50 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
              2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll
              2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll
              .
              ============= FINISH: 12:15:59,28 ===============

              Comment


              • #8
                Results of screen317's Security Check version 0.99.70
                Windows 7 Service Pack 1 x86 (UAC is enabled)
                Internet Explorer 10
                ``````````````Antivirus/Firewall Check:``````````````
                Norman Security Suite
                Antivirus up to date!
                `````````Anti-malware/Other Utilities Check:`````````
                Java(TM) 6 Update 21
                Java 7 Update 25
                Adobe Flash Player 11.7.700.224
                Adobe Reader 9 Adobe Reader out of Date!
                Adobe Reader 10.1.6 Adobe Reader out of Date!
                Mozilla Firefox 19.0.2 Firefox out of Date!
                Google Chrome 28.0.1500.71
                Google Chrome 28.0.1500.72
                ````````Process Check: objlist.exe by Laurent````````
                `````````````````System Health check`````````````````
                Total Fragmentation on Drive C:
                ````````````````````End of Log``````````````````````

                Comment


                • #9
                  Verwijder volgende via programa's en onderdelen:
                  • Java(TM) 6 Update 21
                  • Adobe Reader 9
                  • Adobe Reader 10.1.6



                  Update je firefox.


                  Download of Update Ccleaner

                  Start CCleaner op.
                  • Run Ccleaner en klik in de linkse kolom op Opties
                  • Selecteer het tabblad Geavanceerd
                  • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                  • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
                  • Selecteer het tabblad Instellingen
                  • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                  • Klik in de linkse kolom op Cleaner.
                  • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                  • Klik vervolgens in de linkse kolom op Register
                  • Klik op Scan naar problemen.
                  • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen en OK

                  .

                  Als je dat alles hebt gedaan doe je het volgende
                  :


                  Download Combofix en plaats het op je bureaublad.

                  Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
                  Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.


                  Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.


                  Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
                  Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

                  Als Combofix vraagt om een update, dan staat je dit toe.

                  Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
                  Deze kan je vinden als C:\combofix.txt.

                  Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

                  Emphyrio
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                  Comment


                  • #10
                    ComboFix 13-07-20.03 - anja vink 20-07-2013 19:10:43.1.4 - x86
                    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1882 [GMT 2:00]
                    Gestart vanuit: c:\users\anja vink\Desktop\ComboFix.exe
                    AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
                    FW: Norman Security Suite *Enabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
                    SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
                    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                    .
                    .
                    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    c:\programdata\2157eaaa-5153-4869-a1c8-b1423a6a8ed6
                    c:\programdata\windows
                    c:\users\anja vink\AppData\Local\patchYDG.exe
                    c:\users\anja vink\AppData\Roaming\IHelper
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\ArtworkDB
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\Books.plist
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\iTunesCDB
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\iTunesCDB.unzip
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\MediaLibrary.sqlitedb-shm
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\MediaLibrary.sqlitedb-wal
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\MediaLibrary.sqlitedb
                    c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\Purchases.plist
                    c:\users\anja vink\AppData\Roaming\system32
                    c:\users\anja vink\setup.exe
                    c:\windows\system32\Packet.dll
                    c:\windows\system32\System32\MASetupCleaner.exe
                    c:\windows\system32\System32\muzapp.exe
                    c:\windows\system32\wpcap.dll
                    c:\windows\unin0413.exe
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    -------\Legacy_NPF
                    -------\Service_NPF
                    .
                    .
                    (((((((((((((((((((( Bestanden Gemaakt van 2013-06-20 to 2013-07-20 ))))))))))))))))))))))))))))))
                    .
                    .
                    2013-07-20 16:07 . 2013-07-20 16:07 -------- d-----w- c:\program files\CCleaner
                    2013-07-20 08:28 . 2013-07-20 10:16 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5273906F-6506-4D63-BD42-1BE88EA29E7A}\offreg.dll
                    2013-07-19 19:56 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
                    2013-07-19 19:56 . 2013-07-19 19:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
                    2013-07-19 16:33 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5273906F-6506-4D63-BD42-1BE88EA29E7A}\mpengine.dll
                    2013-07-11 20:54 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
                    2013-07-11 20:54 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
                    2013-07-11 20:54 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys
                    2013-07-11 20:54 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll
                    2013-07-11 20:54 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
                    2013-07-11 20:54 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
                    2013-07-11 20:54 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
                    2013-07-11 20:54 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
                    2013-07-11 20:54 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll
                    2013-07-11 20:54 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll
                    2013-07-11 20:54 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll
                    2013-07-11 20:27 . 2013-07-12 06:26 -------- d-----w- c:\users\anja vink\AppData\Local\Albelli Fotoboeken
                    2013-07-01 21:21 . 2013-07-01 21:21 -------- d-----w- c:\program files\Medieval Software
                    2013-06-22 21:25 . 2013-06-22 21:25 -------- d-----w- c:\program files\Common Files\Java
                    2013-06-22 21:25 . 2013-06-22 21:24 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
                    2013-06-22 21:24 . 2013-06-22 21:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2013-07-20 17:39 . 2013-02-02 08:39 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
                    2013-06-22 21:24 . 2010-08-30 10:05 789416 ----a-w- c:\windows\system32\deployJava1.dll
                    2013-06-12 17:38 . 2012-04-05 15:07 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                    2013-06-12 17:38 . 2011-06-03 06:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                    2013-05-13 04:45 . 2013-06-12 09:29 140288 ----a-w- c:\windows\system32\cryptsvc.dll
                    2013-05-13 04:45 . 2013-06-12 09:29 1160192 ----a-w- c:\windows\system32\crypt32.dll
                    2013-05-13 04:45 . 2013-06-12 09:29 103936 ----a-w- c:\windows\system32\cryptnet.dll
                    2013-05-13 03:08 . 2013-06-12 09:29 903168 ----a-w- c:\windows\system32\certutil.exe
                    2013-05-13 03:08 . 2013-06-12 09:29 43008 ----a-w- c:\windows\system32\certenc.dll
                    2013-05-10 03:20 . 2013-06-12 09:29 24576 ----a-w- c:\windows\system32\cryptdlg.dll
                    2013-05-09 20:10 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                    2013-05-08 05:38 . 2013-06-12 09:29 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
                    2013-05-06 05:06 . 2013-06-12 09:29 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
                    2013-05-06 05:06 . 2013-06-12 09:29 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
                    2013-05-02 00:06 . 2010-08-30 16:46 238872 ------w- c:\windows\system32\MpSigStub.exe
                    2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
                    2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
                    2013-04-29 23:28 . 2013-04-29 23:28 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
                    2013-04-26 04:55 . 2013-06-12 09:29 492544 ----a-w- c:\windows\system32\win32spl.dll
                    2013-04-25 23:30 . 2013-06-12 09:29 1505280 ----a-w- c:\windows\system32\d3d11.dll
                    2013-03-07 14:30 . 2013-03-23 15:08 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                    REGEDIT4
                    .
                    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-01-10 844144]
                    "NETGEARGenie"="c:\program files\NETGEAR Genie\bin\NETGEARGenie.exe" [2012-10-16 1041736]
                    "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-01-10 1475952]
                    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18708224]
                    "RIMDeviceManager"="c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" [2012-11-26 2226264]
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
                    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
                    "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
                    "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
                    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
                    "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-02-04 350560]
                    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
                    "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
                    "AirPort Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2009-11-11 771360]
                    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
                    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
                    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
                    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
                    .
                    c:\users\anja vink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                    "ConsentPromptBehaviorAdmin"= 5 (0x5)
                    "ConsentPromptBehaviorUser"= 3 (0x3)
                    "EnableUIADesktopToggle"= 0 (0x0)
                    "EnableLinkedConnections"= 1 (0x1)
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
                    2011-10-05 23:52 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
                    2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
                    2013-04-05 10:59 59720 ----a-w- c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
                    2013-01-10 09:02 310128 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
                    2010-10-29 20:06 5915480 ----a-w- c:\program files\Logitech\Vid HD\Vid.exe
                    .
                    R2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [2012-09-25 195400]
                    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 83864]
                    R3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
                    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 181784]
                    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
                    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-30 1343400]
                    R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-01-08 161536]
                    S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2013-04-29 102448]
                    S1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-12-02 99088]
                    S1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2011-07-12 26744]
                    S1 NPROSEC;Norman Security driver;c:\program files\Norman\Ngs\Bin\nprosec.sys [2011-11-11 91136]
                    S1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\Trusteer\Rapport\store\exts\RapportCerber us\53984\RapportCerberus32_53984.sys [2013-06-23 317424]
                    S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2013-04-29 103120]
                    S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2013-04-29 174320]
                    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128]
                    S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-28 23552]
                    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
                    S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2012-07-13 769432]
                    S2 Ndiskio;Ndiskio;c:\program files\Norman\Nse\Bin\NDISKIO.SYS [2010-12-09 22880]
                    S2 NHS;Norman Hash Server;c:\program files\Norman\Nvc\bin\nhs.exe [2012-05-10 793520]
                    S2 NNFSVC;Norman Network Filtering service;c:\program files\Norman\Ngs\Bin\Nnf.exe [2011-11-14 231216]
                    S2 NPFSvc32;Norman Personal Firewall Service;c:\program files\Norman\npf\bin\npfsvc32.exe [2012-05-14 356904]
                    S2 NPROSECSVC;Norman Security service;c:\program files\Norman\Ngs\Bin\Nprosec.exe [2011-09-30 90144]
                    S2 npsvc32;Norman Privacy Service;c:\program files\Norman\Npt\Bin\Npsvc32.exe [2011-09-14 475864]
                    S2 nregsec;Norman Registry Security driver;c:\program files\Norman\Ngs\Bin\nregsec.sys [2011-11-11 61496]
                    S2 NVOY;Norman Resource Provider;c:\program files\Norman\npm\bin\nvoy.exe [2011-10-19 100936]
                    S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-04-29 1124632]
                    S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
                    S3 NIG;Norman Intrusion Guard;c:\program files\Norman\nig\bin\nigsvc32.exe [2012-05-16 373424]
                    S3 nsesvc;Norman Scanner Engine Service;c:\program files\Norman\Nse\Bin\NSESVC.EXE [2013-04-02 289048]
                    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
                    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
                    S3 NvcMFlt;NvcMFlt;c:\windows\system32\DRIVERS\nvcv32mf.sys [2012-08-16 48376]
                    S3 nvcoas;Norman Virus Control on-access component;c:\program files\Norman\Nvc\Bin\nvcoas.exe [2012-06-28 287312]
                    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
                    S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
                    S3 Scheduler;Norman Scheduler Service;c:\program files\Norman\Npm\Bin\scheduler.exe [2011-04-11 99312]
                    .
                    .
                    --- Andere Services/Drivers In Geheugen ---
                    .
                    *NewlyCreated* - RAPPORTIASO
                    *Deregistered* - RapportIaso
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                    2013-07-13 09:19 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
                    .
                    Inhoud van de 'Gedeelde Taken' map
                    .
                    2013-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
                    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:38]
                    .
                    2013-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                    - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-15 10:07]
                    .
                    2013-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                    - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-15 10:07]
                    .
                    .
                    ------- Bijkomende Scan -------
                    .
                    uStart Page = hxxp://www.startpagina.nl/
                    uInternet Settings,ProxyOverride = *.local
                    uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
                    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
                    IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                    TCP: DhcpNameServer = 10.0.0.1
                    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
                    FF - ProfilePath - c:\users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\
                    FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
                    .
                    - - - - ORPHANS VERWIJDERD - - - -
                    .
                    WebBrowser-{38542454-DFB6-44F5-B052-D4E071A3D073} - (no file)
                    WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
                    c:\users\anja vink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe
                    SafeBoot-BsScanner
                    MSConfigStartUp-Browser Infrastructure Helper - c:\users\anja vink\AppData\Local\Smartbar\Application\Smartbar.exe
                    MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
                    MSConfigStartUp-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
                    MSConfigStartUp-PlusService - c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
                    AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
                    AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
                    AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
                    AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
                    AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
                    AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
                    AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
                    AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
                    AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
                    AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
                    AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
                    AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
                    AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
                    AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
                    AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
                    AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
                    AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
                    AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
                    AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
                    .
                    .
                    .
                    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
                    @Denied: (2) (S-1-5-21-4092382292-2273649253-153701524-1001)
                    @Denied: (2) (LocalSystem)
                    "Progid"="WindowsLiveMail.Email.1"
                    .
                    [HKEY_USERS\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
                    @Denied: (2) (S-1-5-21-4092382292-2273649253-153701524-1001)
                    @Denied: (2) (LocalSystem)
                    "Progid"="WindowsLiveMail.VCard.1"
                    .
                    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                    @Denied: (Full) (Everyone)
                    .
                    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
                    .
                    - - - - - - - > 'Explorer.exe'(8168)
                    c:\program files\WinSCP\DragExt.dll
                    .
                    ------------------------ Andere Aktieve Processen ------------------------
                    .
                    c:\program files\Norman\Npm\Bin\elogsvc.exe
                    c:\program files\Norman\Npm\Bin\Zanda.exe
                    c:\windows\system32\atieclxx.exe
                    c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
                    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
                    c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
                    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
                    c:\windows\system32\taskhost.exe
                    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                    c:\windows\system32\conhost.exe
                    c:\windows\System32\WUDFHost.exe
                    c:\program files\Norman\Npm\Bin\Njeeves.exe
                    c:\windows\system32\sppsvc.exe
                    c:\program files\Windows Media Player\wmpnetwk.exe
                    .
                    **************************************************************************
                    .
                    Voltooingstijd: 2013-07-20 19:45:01 - machine werd herstart
                    ComboFix-quarantined-files.txt 2013-07-20 17:44
                    .
                    Pre-Run: 765.239.316.480 bytes beschikbaar
                    Post-Run: 764.675.698.688 bytes beschikbaar
                    .
                    - - End Of File - - F21E682D16D5113890CE272182F27F6E
                    5D949EEA3BEEC2DF38A2D7900AD89A60

                    Comment


                    • #11
                      ik wil dds,com of src of pif downloaden maar dat kan niet?

                      Comment


                      • #12
                        DDS (Ver_2012-11-20.01) - NTFS_x86
                        Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
                        Run by anja vink at 21:31:51 on 2013-07-20
                        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1827 [GMT 2:00]
                        .
                        AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
                        SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
                        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        FW: Norman Security Suite *Enabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
                        .
                        ============== Running Processes ================
                        .
                        C:\Windows\system32\wininit.exe
                        C:\Windows\system32\lsm.exe
                        C:\Program Files\Norman\Npm\Bin\elogsvc.exe
                        C:\Program Files\Norman\Ngs\Bin\Nnf.exe
                        C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
                        C:\Windows\system32\atiesrxx.exe
                        C:\Program Files\Norman\Npm\Bin\Zanda.exe
                        C:\Program Files\Norman\npm\bin\nvoy.exe
                        C:\Windows\system32\atieclxx.exe
                        C:\Windows\System32\spoolsv.exe
                        C:\Windows\system32\Dwm.exe
                        C:\Windows\Explorer.EXE
                        C:\Windows\system32\taskhost.exe
                        C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                        C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                        C:\Prey\platform\windows\cronsvc.exe
                        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
                        C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                        C:\Program Files\Norman\Npt\Bin\Npsvc32.exe
                        C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
                        c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
                        C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
                        C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
                        C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
                        C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
                        C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
                        C:\Program Files\Norman\Npm\Bin\zlh.exe
                        C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
                        C:\Program Files\AirPort\APAgent.exe
                        C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
                        C:\Program Files\iTunes\iTunesHelper.exe
                        C:\Program Files\Common Files\Java\Java Update\jusched.exe
                        C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                        C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                        C:\Program Files\Norman\Nvc\bin\nhs.exe
                        C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
                        C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
                        C:\Program Files\Samsung\Kies\Kies.exe
                        C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
                        C:\Program Files\iPod\bin\iPodService.exe
                        C:\Windows\System32\WUDFHost.exe
                        C:\Program Files\Norman\Npm\Bin\scheduler.exe
                        C:\Program Files\Norman\Npm\Bin\Njeeves.exe
                        C:\Program Files\Norman\nig\bin\nigsvc32.exe
                        C:\Program Files\Norman\nig\bin\niguser.exe
                        C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
                        C:\Program Files\Windows Media Player\wmpnetwk.exe
                        C:\Program Files\Norman\npf\bin\npfsvc32.exe
                        C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
                        C:\Program Files\Norman\Nvc\Bin\cclaw.exe
                        C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                        C:\Program Files\Nero\Update\NASvc.exe
                        C:\Program Files\Internet Explorer\iexplore.exe
                        C:\Program Files\Internet Explorer\iexplore.exe
                        C:\Windows\system32\wbem\wmiprvse.exe
                        C:\Program Files\Internet Explorer\iexplore.exe
                        C:\Windows\system32\conhost.exe
                        C:\Windows\system32\svchost.exe -k DcomLaunch
                        C:\Windows\system32\svchost.exe -k RPCSS
                        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                        C:\Windows\system32\svchost.exe -k LocalService
                        C:\Windows\system32\svchost.exe -k netsvcs
                        C:\Windows\system32\svchost.exe -k NetworkService
                        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                        C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                        C:\Windows\system32\svchost.exe -k imgsvc
                        C:\Windows\System32\svchost.exe -k secsvcs
                        C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                        C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                        C:\Windows\system32\svchost.exe -k SDRSVC
                        .
                        ============== Pseudo HJT Report ===============
                        .
                        uStart Page = hxxp://www.startpagina.nl/
                        uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
                        BHO: URL Blocker: {00e71626-0bef-11dc-8314-0800200c9a66} - c:\program files\norman\nig\bin\nigbho.dll
                        BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
                        BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
                        BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
                        BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
                        BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
                        BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
                        TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
                        uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
                        uRun: [NETGEARGenie] "c:\program files\netgear genie\bin\NETGEARGenie.exe" -mini -redirect
                        uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
                        uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
                        uRun: [RIMDeviceManager] c:\program files\common files\research in motion\rimdevicemanager\RIMDeviceManager.exe" -RunServer
                        uRun: c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
                        mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
                        mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
                        mRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
                        mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
                        mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
                        mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
                        mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
                        mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
                        mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
                        mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
                        mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
                        mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
                        mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
                        StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
                        uPolicies-Explorer: NoDrives = dword:0
                        mPolicies-Explorer: NoDrives = dword:0
                        mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                        mPolicies-System: ConsentPromptBehaviorUser = dword:3
                        mPolicies-System: EnableUIADesktopToggle = dword:0
                        IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
                        IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                        IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
                        IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
                        IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                        DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
                        TCP: NameServer = 10.0.0.1
                        TCP: Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A} : DHCPNameServer = 10.0.0.1
                        TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB} : DHCPNameServer = 10.0.0.1
                        TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}\E45445745414251343 : DHCPNameServer = 192.168.1.1
                        Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
                        Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
                        Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
                        SSODL: WebCheck - <orphaned>
                        mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                        .
                        ================= FIREFOX ===================
                        .
                        FF - ProfilePath - c:\users\anja vink\appdata\roaming\mozilla\firefox\profiles\c7a3kp0r.default\
                        FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
                        .
                        ============= SERVICES / DRIVERS ===============
                        .
                        R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-4-30 102448]
                        R1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-7-13 99088]
                        R1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2012-6-11 26744]
                        R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2011-7-13 91136]
                        R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerber us\53984\RapportCerberus32_53984.sys [2013-6-23 317424]
                        R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-4-30 103120]
                        R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-4-30 174320]
                        R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128]
                        R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-29 23552]
                        R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-8-30 13336]
                        R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
                        R2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\ndiskio.sys [2011-7-13 22880]
                        R2 NHS;Norman Hash Server;c:\program files\norman\nvc\bin\nhs.exe [2013-2-12 793520]
                        R2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2012-6-11 231216]
                        R2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\zanda.exe [2012-6-11 431320]
                        R2 NPFSvc32;Norman Personal Firewall Service;c:\program files\norman\npf\bin\npfsvc32.exe [2012-6-11 356904]
                        R2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2012-6-11 90144]
                        R2 npsvc32;Norman Privacy Service;c:\program files\norman\npt\bin\npsvc32.exe [2012-6-11 475864]
                        R2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2012-6-11 61496]
                        R2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2012-6-11 100936]
                        R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-4-30 1124632]
                        R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
                        R3 NIG;Norman Intrusion Guard;c:\program files\norman\nig\bin\nigsvc32.exe [2012-6-11 373424]
                        R3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\nsesvc.exe [2013-4-4 289048]
                        R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-4-27 64904]
                        R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-4-27 146568]
                        R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcv32mf.sys [2012-9-12 48376]
                        R3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\nvcoas.exe [2012-7-4 287312]
                        R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-30 267880]
                        R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-11-25 603240]
                        R3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2012-6-11 99312]
                        S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                        S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\netgear genie\bin\NETGEARGenieDaemon.exe [2012-9-25 195400]
                        S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
                        S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
                        S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-7 39272]
                        S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
                        S3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
                        S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
                        S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
                        S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-30 1343400]
                        S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
                        .
                        =============== Created Last 30 ================
                        .
                        2013-07-20 17:38:13 -------- d-sh--w- C:\$RECYCLE.BIN
                        2013-07-20 17:34:03 -------- d-----w- c:\users\anja vink\appdata\local\temp
                        2013-07-20 17:08:57 98816 ----a-w- c:\windows\sed.exe
                        2013-07-20 17:08:57 256000 ----a-w- c:\windows\PEV.exe
                        2013-07-20 17:08:57 208896 ----a-w- c:\windows\MBR.exe
                        2013-07-20 16:07:42 -------- d-----w- c:\program files\CCleaner
                        2013-07-20 10:38:46 -------- d-----w- c:\users\anja vink\appdata\local\{93E1CFBB-2A2C-4CC5-A57B-E10CD74FF42F}
                        2013-07-20 08:28:21 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\offreg.dll
                        2013-07-19 21:16:58 -------- d-----w- c:\users\anja vink\appdata\local\{D4446C6F-5773-4F9F-960A-4DC5DA373D44}
                        2013-07-19 19:56:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
                        2013-07-19 19:56:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
                        2013-07-19 16:33:45 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\mpengine.dll
                        2013-07-18 16:03:10 -------- d-----w- c:\users\anja vink\appdata\local\{A1FE9281-97F1-44A7-830B-38AD28BAA8D0}
                        2013-07-16 19:25:54 -------- d-----w- c:\users\anja vink\appdata\local\{A6759BA2-E827-4414-859F-2B08A164C68A}
                        2013-07-15 15:01:04 -------- d-----w- c:\users\anja vink\appdata\local\{63E2C08E-0B13-4FF5-9D10-D944EA63108D}
                        2013-07-14 08:48:41 -------- d-----w- c:\users\anja vink\appdata\local\{E9AB98DB-4AA2-48AE-AC2E-32AFFC43C5CD}
                        2013-07-13 09:23:41 -------- d-----w- c:\users\anja vink\appdata\local\{724459EB-D9F2-4142-83EE-DC606E04631B}
                        2013-07-12 21:23:16 -------- d-----w- c:\users\anja vink\appdata\local\{B82DA318-CEF7-4083-A466-BD29DEFD7DDA}
                        2013-07-12 09:22:50 -------- d-----w- c:\users\anja vink\appdata\local\{53BDA561-B884-46AE-BFC8-6D30F97A3B45}
                        2013-07-11 20:54:23 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
                        2013-07-11 20:54:23 1247744 ----a-w- c:\windows\system32\DWrite.dll
                        2013-07-11 20:54:22 509440 ----a-w- c:\windows\system32\qedit.dll
                        2013-07-11 20:54:22 2347520 ----a-w- c:\windows\system32\win32k.sys
                        2013-07-11 20:54:17 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
                        2013-07-11 20:54:17 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
                        2013-07-11 20:54:17 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
                        2013-07-11 20:54:17 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
                        2013-07-11 20:54:06 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
                        2013-07-11 20:54:06 392704 ----a-w- c:\program files\windows defender\MpClient.dll
                        2013-07-11 20:54:06 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
                        2013-07-11 20:27:22 -------- d-----w- c:\users\anja vink\appdata\local\Albelli Fotoboeken
                        2013-07-11 16:38:40 -------- d-----w- c:\users\anja vink\appdata\local\{6713C70F-DB2D-4185-B812-F97C67E901E0}
                        2013-07-09 15:15:39 -------- d-----w- c:\users\anja vink\appdata\local\{9957322D-9019-41A1-AE30-42B1AA218808}
                        2013-07-08 15:20:43 -------- d-----w- c:\users\anja vink\appdata\local\{AFEB214F-8994-4396-8425-2BF691CB5159}
                        2013-07-06 20:18:12 -------- d-----w- c:\users\anja vink\appdata\local\{4FD3069C-D99A-4D59-BB25-97B53B220B94}
                        2013-07-06 08:18:00 -------- d-----w- c:\users\anja vink\appdata\local\{4FD4B799-06EC-4D91-AD75-A69BEE5516E3}
                        2013-07-05 19:55:42 -------- d-----w- c:\users\anja vink\appdata\local\{A6763541-636D-4F53-9ED0-E3F3C4595A9F}
                        2013-07-04 14:15:28 -------- d-----w- c:\users\anja vink\appdata\local\{EADE6411-F02C-4EDD-A272-EA2FA1540C08}
                        2013-07-03 20:32:35 -------- d-----w- c:\users\anja vink\appdata\local\{5AAC1763-A63C-408F-9099-D5BD99B15B5F}
                        2013-07-02 18:57:16 -------- d-----w- c:\users\anja vink\appdata\local\{7F2073AB-3A63-41E2-BB16-F938B451476D}
                        2013-07-01 21:21:01 -------- d-----w- c:\program files\Medieval Software
                        2013-07-01 16:05:17 -------- d-----w- c:\users\anja vink\appdata\local\{6F3A763F-2BDD-4380-94AC-3699AD989703}
                        2013-06-30 14:14:52 -------- d-----w- c:\users\anja vink\appdata\local\{B39BD3F8-99AE-4BCD-AE12-953D1816ED6A}
                        2013-06-28 17:15:54 -------- d-----w- c:\users\anja vink\appdata\local\{957EFF73-53E2-43EB-8EB2-A4481FCDA178}
                        2013-06-27 11:41:09 -------- d-----w- c:\users\anja vink\appdata\local\{17073FD1-85E5-46F2-BD24-A2DE22D65184}
                        2013-06-26 15:08:43 -------- d-----w- c:\users\anja vink\appdata\local\{B0001EBA-7F66-4AD9-9840-379255038D6D}
                        2013-06-25 17:36:51 -------- d-----w- c:\users\anja vink\appdata\local\{5973E422-F0E4-47D7-8F44-9185EDE75C12}
                        2013-06-24 16:16:35 -------- d-----w- c:\users\anja vink\appdata\local\{83F0A825-772B-4B82-A2EE-4EC5FD4EA0DB}
                        2013-06-23 09:15:31 -------- d-----w- c:\users\anja vink\appdata\local\{896C4A2A-3B4D-49DC-9A31-41AA1273029C}
                        2013-06-22 21:25:10 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
                        2013-06-22 21:24:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
                        2013-06-22 11:39:28 -------- d-----w- c:\users\anja vink\appdata\local\{7A806967-3714-4A65-B94C-F5C09EBA8F87}
                        2013-06-21 23:39:03 -------- d-----w- c:\users\anja vink\appdata\local\{91B63B02-4AC1-46B5-AE2C-0771EA48470A}
                        2013-06-21 11:38:37 -------- d-----w- c:\users\anja vink\appdata\local\{AF24434B-E3EF-4C74-BA40-FD9B0FB399DF}
                        .
                        ==================== Find3M ====================
                        .
                        2013-07-20 19:30:51 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
                        2013-06-22 21:24:29 789416 ----a-w- c:\windows\system32\deployJava1.dll
                        2013-06-12 17:38:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                        2013-06-12 17:38:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                        2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
                        2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
                        2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
                        2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
                        2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
                        2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
                        2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
                        2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
                        2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
                        2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
                        2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
                        2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
                        2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
                        2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
                        2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
                        2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
                        2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
                        2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
                        2013-04-29 23:28:50 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
                        2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll
                        2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll
                        .
                        ============= FINISH: 21:47:33,13 ===============

                        Comment


                        • #13
                          Dat was een flinke opkuis

                          Hoe gaat het nu?
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                          Comment


                          • #14
                            Het ratelen doet hij nog steeds, echter het scherm is 10x sneller geworden. Ook het inladen van een site gaat snel en meerdere schermen is nu mogelijk.
                            Ik ben erg blij.
                            Zit alleen met een (domme) vraag hoe kan die rotzooi er allemaal opkomen?
                            norman virusscanner , schijfopruiming elke week en defragmenteren ook elke week.
                            Ook 3x per week malwarebytes met update.
                            Maar al met al het werkt weer als een speer.
                            Ik denk dat ik elke maand deze handelingen opnieuw uitvoert zonder op het bord te plaatsen.
                            Ik bedank iedereen die heeft geholpen.

                            Comment


                            • #15
                              super en nogmaals bedankt.

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X