Mededeling

**Emphyrio** · 19-07-13, 05:23

Hoi hanswil ,

Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
.

Log enkel in als beheerder met alle rechten.
Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
Volg aandachtig de instructies die door mij worden gegeven.
Volg enkel het door mij gegeven advies op
Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
Als je iets niet weet of verstaat, vraag het dan even aub.
Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
Zet je emoticons (Smileys) uit als je logs plaatst aub .
De logs niet als bijlage, noch tussen codetags zetten aub.

.
Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

Stap 1:

Malware scannen en verwijderen....

Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links:

Dubbelklik op mbam-setup.exe om het programma te installeren.

Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

Zorg dat er na de installatie een vinkje is geplaatst bij:

Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware
Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Zodra het programma gestart is, ga je naar het tabblad "Instellingen".

Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
Ga naar het tabblad "Updates" en Update MBAM.
Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
Druk vervolgens op "Scannen" om de scan te starten.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

Indien MBAM vraagt om een herstart, doe dit dan ook.
Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
In dat geval post je dus de twee logs.

De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Bij problemen!!!

___________________________________________________________

Stap 2:

Controle op slechte toolbars...

Opmerking:Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
Beveiligingssoftware uitschakelen.

Download AdwCleaner by Xplode naar je Bureaublad.

Sluit alle openstaande vensters
Start AdwCleaner en klik op Verwijderen
Klik bij AdwCleaner – Information op OK
Klik bij AdwCleaner – Restart Required op OK

Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

Vergeet niet om je "smileys" uit te schakelen.

Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

___________________________________________________________

Stap 3:

Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:

DDS is een diagnosetool en maakt gebruik van scripts.
Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.

Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
Beide logfiles sla je op je bureaublad.

Post de inhoud van DDS.txt.

De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

___________________________________________________________

Stap 4:

Controle op updates...

Download Security Check op je bureaublad via hier of hier

Start Security Check
Volg de Instructies in het scherm
Aan het eind verschijnt een log ( checkup.txt )
Plaats de inhoud ervan in je volgende antwoord.

In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
.

MBAM
AdwCleaner
DDS
checkup.txt

.
Deze logs NIET als bijlage of tussen codetags posten aub.
(Desnoods in meerdere postingen.)

Emphyrio

**hanswil** · 20-07-13, 15:01

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes Cyber Security for Home & Business | Anti-Malware

https://www.malwarebytes.org

Protect your home and business PCs, Macs, iOS and Android devices from malware, viruses & cyber threats with Malwarebytes cyber security solutions.

Databaseversie: v2013.07.19.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
anja vink :: ANJAVINK-PC [administrator]

19-7-2013 22:01:59
mbam-log-2013-07-19 (22-01-59).txt

Scan type: Volledige scan (C:\|D:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 1054723
Verstreken tijd: 11 uur/uren, 46 minuut/minuten, 54 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1
C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

**hanswil** · 20-07-13, 15:02

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes Cyber Security for Home & Business | Anti-Malware

https://www.malwarebytes.org

Protect your home and business PCs, Macs, iOS and Android devices from malware, viruses & cyber threats with Malwarebytes cyber security solutions.

Databaseversie: v2013.07.20.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
anja vink :: ANJAVINK-PC [administrator]

20-7-2013 10:49:29
mbam-log-2013-07-20 (10-49-29).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 242151
Verstreken tijd: 23 minuut/minuten, 4 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)

**hanswil** · 20-07-13, 15:03

# AdwCleaner v2.306 - Verslag gemaakt op 20/07/2013 om 11:29:15
# Geactualiseerd op 19/07/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Gebruiker : anja vink - ANJAVINK-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\anja vink\Desktop\adwcleaner.exe
# Optie [Zoeken]

***** [Diensten] *****

Aanwezig : Bandoo Coordinator

***** [Files / Mappen] *****

File Aanwezig : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Map Aanwezig : C:\Program Files\Bandoo
Map Aanwezig : C:\Program Files\BrowserCompanion
Map Aanwezig : C:\Program Files\Conduit
Map Aanwezig : C:\Program Files\ConduitEngine
Map Aanwezig : C:\Program Files\Linkury
Map Aanwezig : C:\ProgramData\Bandoo
Map Aanwezig : C:\ProgramData\Linkury
Map Aanwezig : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
Map Aanwezig : C:\ProgramData\Partner
Map Aanwezig : C:\Users\anja vink\AppData\Local\Conduit
Map Aanwezig : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\Bandoo
Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\Conduit
Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\ConduitEngine
Map Aanwezig : C:\Users\anja vink\AppData\LocalLow\PriceGong
Map Aanwezig : C:\Users\anja vink\AppData\Roaming\Bandoo
Map Aanwezig : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\extensions\[email protected]

***** [Register] *****

Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\conduitEngine
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\conduitEngine
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Elf_1.13
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\PriceGong
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Aanwezig : HKCU\Software\AppDataLow\Toolbar
Sleutel Aanwezig : HKCU\Software\Blabbers
Sleutel Aanwezig : HKCU\Software\BrowserCompanion
Sleutel Aanwezig : HKCU\Software\Conduit
Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Aanwezig : HKCU\Software\Softonic
Sleutel Aanwezig : HKLM\Software\Bandoo
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Conduit.Engine
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Sleutel Aanwezig : HKLM\Software\Conduit
Sleutel Aanwezig : HKLM\Software\conduitEngine
Sleutel Aanwezig : HKLM\Software\conduitEngine
Sleutel Aanwezig : HKLM\Software\Elf_1.13
Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56D7B0EC-ED0F-4A80-8750-433A834F4362}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B80F591E-FE9A-46CF-A13E-180377240586}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Sleutel Aanwezig : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Sleutel Aanwezig : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Sleutel Aanwezig : HKU\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Aanwezig : HKU\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]

***** [Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}

-\\ Mozilla Firefox v19.0.2 (nl)

File : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [15314 octets] - [20/07/2013 11:29:15]

########## EOF - C:\AdwCleaner[R1].txt - [15375 octets] ##########

**hanswil** · 20-07-13, 15:03

# AdwCleaner v2.306 - Verslag gemaakt op 20/07/2013 om 11:32:09
# Geactualiseerd op 19/07/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Gebruiker : anja vink - ANJAVINK-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\anja vink\Desktop\adwcleaner.exe
# Optie [Verwijderen]

***** [Diensten] *****

Gestopt & Verwijdert : Bandoo Coordinator

***** [Files / Mappen] *****

File Verwijderd : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Map Verwijderd : C:\Program Files\Bandoo
Map Verwijderd : C:\Program Files\BrowserCompanion
Map Verwijderd : C:\Program Files\Conduit
Map Verwijderd : C:\Program Files\ConduitEngine
Map Verwijderd : C:\Program Files\Linkury
Map Verwijderd : C:\ProgramData\Bandoo
Map Verwijderd : C:\ProgramData\Linkury
Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
Map Verwijderd : C:\ProgramData\Partner
Map Verwijderd : C:\Users\anja vink\AppData\Local\Conduit
Map Verwijderd : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\Bandoo
Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\Conduit
Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\ConduitEngine
Map Verwijderd : C:\Users\anja vink\AppData\LocalLow\PriceGong
Map Verwijderd : C:\Users\anja vink\AppData\Roaming\Bandoo
Map Verwijderd : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\extensions\[email protected]

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\conduitEngine
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Elf_1.13
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar
Sleutel Verwijderd : HKCU\Software\Blabbers
Sleutel Verwijderd : HKCU\Software\BrowserCompanion
Sleutel Verwijderd : HKCU\Software\Conduit
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Verwijderd : HKCU\Software\Softonic
Sleutel Verwijderd : HKLM\Software\Bandoo
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2857572
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Sleutel Verwijderd : HKLM\Software\Conduit
Sleutel Verwijderd : HKLM\Software\conduitEngine
Sleutel Verwijderd : HKLM\Software\Elf_1.13
Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56D7B0EC-ED0F-4A80-8750-433A834F4362}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B80F591E-FE9A-46CF-A13E-180377240586}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B80F591E-FE9A-46CF-A13E-180377240586}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B80F591E-FE9A-46CF-A13E-180377240586}]

***** [Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (nl)

File : C:\Users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\anja vink\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [15445 octets] - [20/07/2013 11:29:15]
AdwCleaner[R2].txt - [15506 octets] - [20/07/2013 11:31:22]
AdwCleaner[S1].txt - [14585 octets] - [20/07/2013 11:32:09]

########## EOF - C:\AdwCleaner[S1].txt - [14646 octets] ##########

**hanswil** · 20-07-13, 15:05

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by anja vink at 11:39:46 on 2013-07-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1478 [GMT 2:00]
.
AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norman Security Suite *Enabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Norman\Npm\Bin\elogsvc.exe
C:\Program Files\Norman\Ngs\Bin\Nnf.exe
C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\Norman\Npm\Bin\Zanda.exe
C:\Program Files\Norman\npm\bin\nvoy.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
C:\Program Files\Norman\Npt\Bin\Npsvc32.exe
C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\Norman\Nvc\bin\nhs.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Norman\Npm\Bin\scheduler.exe
C:\Program Files\Norman\Npm\Bin\Njeeves.exe
C:\Program Files\Norman\nig\bin\nigsvc32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Norman\nig\bin\niguser.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
C:\Program Files\Norman\npf\bin\npfsvc32.exe
C:\Program Files\Norman\Nvc\Bin\cclaw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Prey\platform\windows\bin\bash.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.startpagina.nl/
uSearch Bar = hxxp://www.bing.com/search?q={searchTerms}
uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
uDefault_Page_URL = hxxp://www.aldi.com
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
BHO: URL Blocker: {00e71626-0bef-11dc-8314-0800200c9a66} - c:\program files\norman\nig\bin\nigbho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [Java(TM) Platform SEHKCU] c:\users\anja vink\appdata\roaming\system32\taskmgr.exe
uRun: [NETGEARGenie] "c:\program files\netgear genie\bin\NETGEARGenie.exe" -mini -redirect
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun:

c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [RIMDeviceManager] c:\program files\common files\research in motion\rimdevicemanager\RIMDeviceManager.exe" -RunServer
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}\E45445745414251343 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~1\bandoo\bndhook.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\anja vink\appdata\roaming\mozilla\firefox\profiles\c7a3kp0r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\nero\browserplugin\npBrowserPlugin.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-4-30 102448]
R1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-7-13 99088]
R1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2012-6-11 26744]
R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2011-7-13 91136]
R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerber us\53984\RapportCerberus32_53984.sys [2013-6-23 317424]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-4-30 103120]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-4-30 174320]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128]
R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-29 23552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-8-30 13336]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
R2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\ndiskio.sys [2011-7-13 22880]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\netgear genie\bin\NETGEARGenieDaemon.exe [2012-9-25 195400]
R2 NHS;Norman Hash Server;c:\program files\norman\nvc\bin\nhs.exe [2013-2-12 793520]
R2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2012-6-11 231216]
R2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\zanda.exe [2012-6-11 431320]
R2 NPFSvc32;Norman Personal Firewall Service;c:\program files\norman\npf\bin\npfsvc32.exe [2012-6-11 356904]
R2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2012-6-11 90144]
R2 npsvc32;Norman Privacy Service;c:\program files\norman\npt\bin\npsvc32.exe [2012-6-11 475864]
R2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2012-6-11 61496]
R2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2012-6-11 100936]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-4-30 1124632]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
R3 NIG;Norman Intrusion Guard;c:\program files\norman\nig\bin\nigsvc32.exe [2012-6-11 373424]
R3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\nsesvc.exe [2013-4-4 289048]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-4-27 64904]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-4-27 146568]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcv32mf.sys [2012-9-12 48376]
R3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\nvcoas.exe [2012-7-4 287312]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-30 267880]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-11-25 603240]
R3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2012-6-11 99312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-7 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-30 1343400]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
.
=============== Created Last 30 ================
.
2013-07-20 08:28:21 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\offreg.dll
2013-07-19 21:16:58 -------- d-----w- c:\users\anja vink\appdata\local\{D4446C6F-5773-4F9F-960A-4DC5DA373D44}
2013-07-19 19:56:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-19 19:56:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-19 16:33:45 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\mpengine.dll
2013-07-18 16:03:10 -------- d-----w- c:\users\anja vink\appdata\local\{A1FE9281-97F1-44A7-830B-38AD28BAA8D0}
2013-07-16 19:25:54 -------- d-----w- c:\users\anja vink\appdata\local\{A6759BA2-E827-4414-859F-2B08A164C68A}
2013-07-15 15:01:04 -------- d-----w- c:\users\anja vink\appdata\local\{63E2C08E-0B13-4FF5-9D10-D944EA63108D}
2013-07-14 08:48:41 -------- d-----w- c:\users\anja vink\appdata\local\{E9AB98DB-4AA2-48AE-AC2E-32AFFC43C5CD}
2013-07-13 09:23:41 -------- d-----w- c:\users\anja vink\appdata\local\{724459EB-D9F2-4142-83EE-DC606E04631B}
2013-07-12 21:23:16 -------- d-----w- c:\users\anja vink\appdata\local\{B82DA318-CEF7-4083-A466-BD29DEFD7DDA}
2013-07-12 09:22:50 -------- d-----w- c:\users\anja vink\appdata\local\{53BDA561-B884-46AE-BFC8-6D30F97A3B45}
2013-07-11 20:54:23 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 20:54:23 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 20:54:22 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 20:54:22 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 20:54:17 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-07-11 20:54:17 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-07-11 20:54:17 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-11 20:54:17 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-11 20:54:06 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2013-07-11 20:54:06 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2013-07-11 20:54:06 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2013-07-11 20:27:22 -------- d-----w- c:\users\anja vink\appdata\local\Albelli Fotoboeken
2013-07-11 16:38:40 -------- d-----w- c:\users\anja vink\appdata\local\{6713C70F-DB2D-4185-B812-F97C67E901E0}
2013-07-09 15:15:39 -------- d-----w- c:\users\anja vink\appdata\local\{9957322D-9019-41A1-AE30-42B1AA218808}
2013-07-08 15:20:43 -------- d-----w- c:\users\anja vink\appdata\local\{AFEB214F-8994-4396-8425-2BF691CB5159}
2013-07-06 20:18:12 -------- d-----w- c:\users\anja vink\appdata\local\{4FD3069C-D99A-4D59-BB25-97B53B220B94}
2013-07-06 08:18:00 -------- d-----w- c:\users\anja vink\appdata\local\{4FD4B799-06EC-4D91-AD75-A69BEE5516E3}
2013-07-05 19:55:42 -------- d-----w- c:\users\anja vink\appdata\local\{A6763541-636D-4F53-9ED0-E3F3C4595A9F}
2013-07-04 14:15:28 -------- d-----w- c:\users\anja vink\appdata\local\{EADE6411-F02C-4EDD-A272-EA2FA1540C08}
2013-07-03 20:32:35 -------- d-----w- c:\users\anja vink\appdata\local\{5AAC1763-A63C-408F-9099-D5BD99B15B5F}
2013-07-02 18:57:16 -------- d-----w- c:\users\anja vink\appdata\local\{7F2073AB-3A63-41E2-BB16-F938B451476D}
2013-07-01 21:21:01 -------- d-----w- c:\program files\Medieval Software
2013-07-01 16:05:17 -------- d-----w- c:\users\anja vink\appdata\local\{6F3A763F-2BDD-4380-94AC-3699AD989703}
2013-06-30 14:14:52 -------- d-----w- c:\users\anja vink\appdata\local\{B39BD3F8-99AE-4BCD-AE12-953D1816ED6A}
2013-06-28 17:15:54 -------- d-----w- c:\users\anja vink\appdata\local\{957EFF73-53E2-43EB-8EB2-A4481FCDA178}
2013-06-27 11:41:09 -------- d-----w- c:\users\anja vink\appdata\local\{17073FD1-85E5-46F2-BD24-A2DE22D65184}
2013-06-26 15:08:43 -------- d-----w- c:\users\anja vink\appdata\local\{B0001EBA-7F66-4AD9-9840-379255038D6D}
2013-06-25 17:36:51 -------- d-----w- c:\users\anja vink\appdata\local\{5973E422-F0E4-47D7-8F44-9185EDE75C12}
2013-06-24 16:16:35 -------- d-----w- c:\users\anja vink\appdata\local\{83F0A825-772B-4B82-A2EE-4EC5FD4EA0DB}
2013-06-23 09:15:31 -------- d-----w- c:\users\anja vink\appdata\local\{896C4A2A-3B4D-49DC-9A31-41AA1273029C}
2013-06-22 21:25:10 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 21:24:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-22 11:39:28 -------- d-----w- c:\users\anja vink\appdata\local\{7A806967-3714-4A65-B94C-F5C09EBA8F87}
2013-06-21 23:39:03 -------- d-----w- c:\users\anja vink\appdata\local\{91B63B02-4AC1-46B5-AE2C-0771EA48470A}
2013-06-21 11:38:37 -------- d-----w- c:\users\anja vink\appdata\local\{AF24434B-E3EF-4C74-BA40-FD9B0FB399DF}
2013-06-20 16:29:01 -------- d-----w- c:\users\anja vink\appdata\local\{B96D464B-35CD-4F1D-917D-DE746B82BFCB}
.
==================== Find3M ====================
.
2013-07-20 09:39:58 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-06-22 21:24:29 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 17:38:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 17:38:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-29 23:28:50 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll
.
============= FINISH: 12:15:59,28 ===============

**hanswil** · 20-07-13, 15:06

Results of screen317's Security Check version 0.99.70
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Norman Security Suite
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 21
Java 7 Update 25
Adobe Flash Player 11.7.700.224
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox 19.0.2 Firefox out of Date!
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

**Emphyrio** · 20-07-13, 16:11

Verwijder volgende via programa's en onderdelen:

Java(TM) 6 Update 21
Adobe Reader 9
Adobe Reader 10.1.6

Update je firefox.

Download of Update Ccleaner

Start CCleaner op.

Run Ccleaner en klik in de linkse kolom op Opties
Selecteer het tabblad Geavanceerd
Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
Selecteer het tabblad Instellingen
Haal het vinkje weg bij "Computer automatisch schoonmaken...."
Klik in de linkse kolom op Cleaner.
Klik dan achtereenvolgens op Analyseer en Schoonmaken.
Klik vervolgens in de linkse kolom op Register
Klik op Scan naar problemen.
Als er fouten gevonden worden klik je op Herstel geselecteerde problemen en OK

.

Als je dat alles hebt gedaan doe je het volgende:

Download Combofix en plaats het op je bureaublad.

Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.

Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.

Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

Als Combofix vraagt om een update, dan staat je dit toe.

Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
Deze kan je vinden als C:\combofix.txt.

Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

Emphyrio

**hanswil** · 20-07-13, 19:25

ComboFix 13-07-20.03 - anja vink 20-07-2013 19:10:43.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1882 [GMT 2:00]
Gestart vanuit: c:\users\anja vink\Desktop\ComboFix.exe
AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
FW: Norman Security Suite *Enabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\2157eaaa-5153-4869-a1c8-b1423a6a8ed6
c:\programdata\windows
c:\users\anja vink\AppData\Local\patchYDG.exe
c:\users\anja vink\AppData\Roaming\IHelper
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\ArtworkDB
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\Books.plist
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\iTunesCDB
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\iTunesCDB.unzip
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\MediaLibrary.sqlitedb-shm
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\MediaLibrary.sqlitedb-wal
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\MediaLibrary.sqlitedb
c:\users\anja vink\AppData\Roaming\IHelper\ca1ecc226e9668c0150f5b4454bf4b127e4b92ec\system\Purchases.plist
c:\users\anja vink\AppData\Roaming\system32
c:\users\anja vink\setup.exe
c:\windows\system32\Packet.dll
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\wpcap.dll
c:\windows\unin0413.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-06-20 to 2013-07-20 ))))))))))))))))))))))))))))))
.
.
2013-07-20 16:07 . 2013-07-20 16:07 -------- d-----w- c:\program files\CCleaner
2013-07-20 08:28 . 2013-07-20 10:16 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5273906F-6506-4D63-BD42-1BE88EA29E7A}\offreg.dll
2013-07-19 19:56 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-19 19:56 . 2013-07-19 19:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-19 16:33 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5273906F-6506-4D63-BD42-1BE88EA29E7A}\mpengine.dll
2013-07-11 20:54 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 20:54 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 20:54 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 20:54 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 20:54 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 20:54 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 20:54 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 20:54 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 20:54 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 20:54 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 20:54 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 20:27 . 2013-07-12 06:26 -------- d-----w- c:\users\anja vink\AppData\Local\Albelli Fotoboeken
2013-07-01 21:21 . 2013-07-01 21:21 -------- d-----w- c:\program files\Medieval Software
2013-06-22 21:25 . 2013-06-22 21:25 -------- d-----w- c:\program files\Common Files\Java
2013-06-22 21:25 . 2013-06-22 21:24 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 21:24 . 2013-06-22 21:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-20 17:39 . 2013-02-02 08:39 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-06-22 21:24 . 2010-08-30 10:05 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 17:38 . 2012-04-05 15:07 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 17:38 . 2011-06-03 06:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-13 04:45 . 2013-06-12 09:29 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 09:29 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45 . 2013-06-12 09:29 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08 . 2013-06-12 09:29 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 09:29 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20 . 2013-06-12 09:29 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-09 20:10 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-08 05:38 . 2013-06-12 09:29 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-06 05:06 . 2013-06-12 09:29 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06 . 2013-06-12 09:29 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-02 00:06 . 2010-08-30 16:46 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-29 23:28 . 2013-04-29 23:28 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2013-04-26 04:55 . 2013-06-12 09:29 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-04-25 23:30 . 2013-06-12 09:29 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-03-07 14:30 . 2013-03-23 15:08 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-01-10 844144]
"NETGEARGenie"="c:\program files\NETGEAR Genie\bin\NETGEARGenie.exe" [2012-10-16 1041736]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-01-10 1475952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18708224]
"RIMDeviceManager"="c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" [2012-11-26 2226264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-02-04 350560]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"AirPort Base Station Agent"="c:\program files\AirPort\APAgent.exe" [2009-11-11 771360]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\anja vink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-05 23:52 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
2013-04-05 10:59 59720 ----a-w- c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-01-10 09:02 310128 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2010-10-29 20:06 5915480 ----a-w- c:\program files\Logitech\Vid HD\Vid.exe
.
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [2012-09-25 195400]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 83864]
R3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 181784]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-30 1343400]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-01-08 161536]
S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2013-04-29 102448]
S1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-12-02 99088]
S1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2011-07-12 26744]
S1 NPROSEC;Norman Security driver;c:\program files\Norman\Ngs\Bin\nprosec.sys [2011-11-11 91136]
S1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\Trusteer\Rapport\store\exts\RapportCerber us\53984\RapportCerberus32_53984.sys [2013-06-23 317424]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2013-04-29 103120]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2013-04-29 174320]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-28 23552]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 Ndiskio;Ndiskio;c:\program files\Norman\Nse\Bin\NDISKIO.SYS [2010-12-09 22880]
S2 NHS;Norman Hash Server;c:\program files\Norman\Nvc\bin\nhs.exe [2012-05-10 793520]
S2 NNFSVC;Norman Network Filtering service;c:\program files\Norman\Ngs\Bin\Nnf.exe [2011-11-14 231216]
S2 NPFSvc32;Norman Personal Firewall Service;c:\program files\Norman\npf\bin\npfsvc32.exe [2012-05-14 356904]
S2 NPROSECSVC;Norman Security service;c:\program files\Norman\Ngs\Bin\Nprosec.exe [2011-09-30 90144]
S2 npsvc32;Norman Privacy Service;c:\program files\Norman\Npt\Bin\Npsvc32.exe [2011-09-14 475864]
S2 nregsec;Norman Registry Security driver;c:\program files\Norman\Ngs\Bin\nregsec.sys [2011-11-11 61496]
S2 NVOY;Norman Resource Provider;c:\program files\Norman\npm\bin\nvoy.exe [2011-10-19 100936]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-04-29 1124632]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S3 NIG;Norman Intrusion Guard;c:\program files\Norman\nig\bin\nigsvc32.exe [2012-05-16 373424]
S3 nsesvc;Norman Scanner Engine Service;c:\program files\Norman\Nse\Bin\NSESVC.EXE [2013-04-02 289048]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
S3 NvcMFlt;NvcMFlt;c:\windows\system32\DRIVERS\nvcv32mf.sys [2012-08-16 48376]
S3 nvcoas;Norman Virus Control on-access component;c:\program files\Norman\Nvc\Bin\nvcoas.exe [2012-06-28 287312]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
S3 Scheduler;Norman Scheduler Service;c:\program files\Norman\Npm\Bin\scheduler.exe [2011-04-11 99312]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - RAPPORTIASO
*Deregistered* - RapportIaso
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 09:19 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:38]
.
2013-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-15 10:07]
.
2013-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-15 10:07]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.startpagina.nl/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
TCP: DhcpNameServer = 10.0.0.1
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\anja vink\AppData\Roaming\Mozilla\Firefox\Profiles\c7a3kp0r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{38542454-DFB6-44F5-B052-D4E071A3D073} - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
c:\users\anja vink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe
SafeBoot-BsScanner
MSConfigStartUp-Browser Infrastructure Helper - c:\users\anja vink\AppData\Local\Smartbar\Application\Smartbar.exe
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
MSConfigStartUp-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
MSConfigStartUp-PlusService - c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-4092382292-2273649253-153701524-1001)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4092382292-2273649253-153701524-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-4092382292-2273649253-153701524-1001)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(8168)
c:\program files\WinSCP\DragExt.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Norman\Npm\Bin\elogsvc.exe
c:\program files\Norman\Npm\Bin\Zanda.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Norman\Npm\Bin\Njeeves.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Voltooingstijd: 2013-07-20 19:45:01 - machine werd herstart
ComboFix-quarantined-files.txt 2013-07-20 17:44
.
Pre-Run: 765.239.316.480 bytes beschikbaar
Post-Run: 764.675.698.688 bytes beschikbaar
.
- - End Of File - - F21E682D16D5113890CE272182F27F6E
5D949EEA3BEEC2DF38A2D7900AD89A60

**hanswil** · 20-07-13, 19:26

ik wil dds,com of src of pif downloaden maar dat kan niet?

**hanswil** · 20-07-13, 21:05

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by anja vink at 21:31:51 on 2013-07-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1827 [GMT 2:00]
.
AV: Norman Security Suite *Disabled/Updated* {D038CA80-26F3-90BF-94AA-03C4D945E661}
SP: Norman Security Suite *Disabled/Updated* {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norman Security Suite *Enabled* {E8034BA5-6C9C-91E7-BFF5-AAF12796A11A}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Norman\Npm\Bin\elogsvc.exe
C:\Program Files\Norman\Ngs\Bin\Nnf.exe
C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files\Norman\Npm\Bin\Zanda.exe
C:\Program Files\Norman\npm\bin\nvoy.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Norman\Npt\Bin\Npsvc32.exe
C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\AirPort\APAgent.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Norman\Nvc\bin\nhs.exe
C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Norman\Npm\Bin\scheduler.exe
C:\Program Files\Norman\Npm\Bin\Njeeves.exe
C:\Program Files\Norman\nig\bin\nigsvc32.exe
C:\Program Files\Norman\nig\bin\niguser.exe
C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Norman\npf\bin\npfsvc32.exe
C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
C:\Program Files\Norman\Nvc\Bin\cclaw.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.startpagina.nl/
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
BHO: URL Blocker: {00e71626-0bef-11dc-8314-0800200c9a66} - c:\program files\norman\nig\bin\nigbho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [NETGEARGenie] "c:\program files\netgear genie\bin\NETGEARGenie.exe" -mini -redirect
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [RIMDeviceManager] c:\program files\common files\research in motion\rimdevicemanager\RIMDeviceManager.exe" -RunServer
uRun:

c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [Norman ZANDA] "c:\program files\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\anjavi~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{732048A9-7E8D-428F-9AF3-D5BE1F66BC7A} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9A295CD5-A244-421C-A8EF-9E3A343737CB}\E45445745414251343 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\anja vink\appdata\roaming\mozilla\firefox\profiles\c7a3kp0r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-4-30 102448]
R1 ALE_NF;Norman Network Filter ALE driver;c:\windows\system32\drivers\ale_nf.sys [2011-7-13 99088]
R1 NGS;Norman General Security Driver;c:\program files\norman\ngs\bin\ngs.sys [2012-6-11 26744]
R1 NPROSEC;Norman Security driver;c:\program files\norman\ngs\bin\nprosec.sys [2011-7-13 91136]
R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerber us\53984\RapportCerberus32_53984.sys [2013-6-23 317424]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-4-30 103120]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-4-30 174320]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128]
R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2012-11-29 23552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-8-30 13336]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
R2 Ndiskio;Ndiskio;c:\program files\norman\nse\bin\ndiskio.sys [2011-7-13 22880]
R2 NHS;Norman Hash Server;c:\program files\norman\nvc\bin\nhs.exe [2013-2-12 793520]
R2 NNFSVC;Norman Network Filtering service;c:\program files\norman\ngs\bin\nnf.exe [2012-6-11 231216]
R2 Norman ZANDA;Norman ZANDA;c:\program files\norman\npm\bin\zanda.exe [2012-6-11 431320]
R2 NPFSvc32;Norman Personal Firewall Service;c:\program files\norman\npf\bin\npfsvc32.exe [2012-6-11 356904]
R2 NPROSECSVC;Norman Security service;c:\program files\norman\ngs\bin\nprosec.exe [2012-6-11 90144]
R2 npsvc32;Norman Privacy Service;c:\program files\norman\npt\bin\npsvc32.exe [2012-6-11 475864]
R2 nregsec;Norman Registry Security driver;c:\program files\norman\ngs\bin\nregsec.sys [2012-6-11 61496]
R2 NVOY;Norman Resource Provider;c:\program files\norman\npm\bin\nvoy.exe [2012-6-11 100936]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-4-30 1124632]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
R3 NIG;Norman Intrusion Guard;c:\program files\norman\nig\bin\nigsvc32.exe [2012-6-11 373424]
R3 nsesvc;Norman Scanner Engine Service;c:\program files\norman\nse\bin\nsesvc.exe [2013-4-4 289048]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-4-27 64904]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-4-27 146568]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcv32mf.sys [2012-9-12 48376]
R3 nvcoas;Norman Virus Control on-access component;c:\program files\norman\nvc\bin\nvcoas.exe [2012-7-4 287312]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-30 267880]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-11-25 603240]
R3 Scheduler;Norman Scheduler Service;c:\program files\norman\npm\bin\scheduler.exe [2012-6-11 99312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files\netgear genie\bin\NETGEARGenieDaemon.exe [2012-9-25 195400]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-7 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 netr73;Conceptronic RT73 stuurprogramma voor draadloze netwerken voor Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-30 1343400]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
.
=============== Created Last 30 ================
.
2013-07-20 17:38:13 -------- d-sh--w- C:\$RECYCLE.BIN
2013-07-20 17:34:03 -------- d-----w- c:\users\anja vink\appdata\local\temp
2013-07-20 17:08:57 98816 ----a-w- c:\windows\sed.exe
2013-07-20 17:08:57 256000 ----a-w- c:\windows\PEV.exe
2013-07-20 17:08:57 208896 ----a-w- c:\windows\MBR.exe
2013-07-20 16:07:42 -------- d-----w- c:\program files\CCleaner
2013-07-20 10:38:46 -------- d-----w- c:\users\anja vink\appdata\local\{93E1CFBB-2A2C-4CC5-A57B-E10CD74FF42F}
2013-07-20 08:28:21 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\offreg.dll
2013-07-19 21:16:58 -------- d-----w- c:\users\anja vink\appdata\local\{D4446C6F-5773-4F9F-960A-4DC5DA373D44}
2013-07-19 19:56:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-19 19:56:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-19 16:33:45 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5273906f-6506-4d63-bd42-1be88ea29e7a}\mpengine.dll
2013-07-18 16:03:10 -------- d-----w- c:\users\anja vink\appdata\local\{A1FE9281-97F1-44A7-830B-38AD28BAA8D0}
2013-07-16 19:25:54 -------- d-----w- c:\users\anja vink\appdata\local\{A6759BA2-E827-4414-859F-2B08A164C68A}
2013-07-15 15:01:04 -------- d-----w- c:\users\anja vink\appdata\local\{63E2C08E-0B13-4FF5-9D10-D944EA63108D}
2013-07-14 08:48:41 -------- d-----w- c:\users\anja vink\appdata\local\{E9AB98DB-4AA2-48AE-AC2E-32AFFC43C5CD}
2013-07-13 09:23:41 -------- d-----w- c:\users\anja vink\appdata\local\{724459EB-D9F2-4142-83EE-DC606E04631B}
2013-07-12 21:23:16 -------- d-----w- c:\users\anja vink\appdata\local\{B82DA318-CEF7-4083-A466-BD29DEFD7DDA}
2013-07-12 09:22:50 -------- d-----w- c:\users\anja vink\appdata\local\{53BDA561-B884-46AE-BFC8-6D30F97A3B45}
2013-07-11 20:54:23 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 20:54:23 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 20:54:22 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 20:54:22 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 20:54:17 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-07-11 20:54:17 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-07-11 20:54:17 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-11 20:54:17 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-11 20:54:06 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2013-07-11 20:54:06 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2013-07-11 20:54:06 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2013-07-11 20:27:22 -------- d-----w- c:\users\anja vink\appdata\local\Albelli Fotoboeken
2013-07-11 16:38:40 -------- d-----w- c:\users\anja vink\appdata\local\{6713C70F-DB2D-4185-B812-F97C67E901E0}
2013-07-09 15:15:39 -------- d-----w- c:\users\anja vink\appdata\local\{9957322D-9019-41A1-AE30-42B1AA218808}
2013-07-08 15:20:43 -------- d-----w- c:\users\anja vink\appdata\local\{AFEB214F-8994-4396-8425-2BF691CB5159}
2013-07-06 20:18:12 -------- d-----w- c:\users\anja vink\appdata\local\{4FD3069C-D99A-4D59-BB25-97B53B220B94}
2013-07-06 08:18:00 -------- d-----w- c:\users\anja vink\appdata\local\{4FD4B799-06EC-4D91-AD75-A69BEE5516E3}
2013-07-05 19:55:42 -------- d-----w- c:\users\anja vink\appdata\local\{A6763541-636D-4F53-9ED0-E3F3C4595A9F}
2013-07-04 14:15:28 -------- d-----w- c:\users\anja vink\appdata\local\{EADE6411-F02C-4EDD-A272-EA2FA1540C08}
2013-07-03 20:32:35 -------- d-----w- c:\users\anja vink\appdata\local\{5AAC1763-A63C-408F-9099-D5BD99B15B5F}
2013-07-02 18:57:16 -------- d-----w- c:\users\anja vink\appdata\local\{7F2073AB-3A63-41E2-BB16-F938B451476D}
2013-07-01 21:21:01 -------- d-----w- c:\program files\Medieval Software
2013-07-01 16:05:17 -------- d-----w- c:\users\anja vink\appdata\local\{6F3A763F-2BDD-4380-94AC-3699AD989703}
2013-06-30 14:14:52 -------- d-----w- c:\users\anja vink\appdata\local\{B39BD3F8-99AE-4BCD-AE12-953D1816ED6A}
2013-06-28 17:15:54 -------- d-----w- c:\users\anja vink\appdata\local\{957EFF73-53E2-43EB-8EB2-A4481FCDA178}
2013-06-27 11:41:09 -------- d-----w- c:\users\anja vink\appdata\local\{17073FD1-85E5-46F2-BD24-A2DE22D65184}
2013-06-26 15:08:43 -------- d-----w- c:\users\anja vink\appdata\local\{B0001EBA-7F66-4AD9-9840-379255038D6D}
2013-06-25 17:36:51 -------- d-----w- c:\users\anja vink\appdata\local\{5973E422-F0E4-47D7-8F44-9185EDE75C12}
2013-06-24 16:16:35 -------- d-----w- c:\users\anja vink\appdata\local\{83F0A825-772B-4B82-A2EE-4EC5FD4EA0DB}
2013-06-23 09:15:31 -------- d-----w- c:\users\anja vink\appdata\local\{896C4A2A-3B4D-49DC-9A31-41AA1273029C}
2013-06-22 21:25:10 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 21:24:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-22 11:39:28 -------- d-----w- c:\users\anja vink\appdata\local\{7A806967-3714-4A65-B94C-F5C09EBA8F87}
2013-06-21 23:39:03 -------- d-----w- c:\users\anja vink\appdata\local\{91B63B02-4AC1-46B5-AE2C-0771EA48470A}
2013-06-21 11:38:37 -------- d-----w- c:\users\anja vink\appdata\local\{AF24434B-E3EF-4C74-BA40-FD9B0FB399DF}
.
==================== Find3M ====================
.
2013-07-20 19:30:51 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-06-22 21:24:29 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 17:38:41 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 17:38:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-29 23:28:50 102448 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll
.
============= FINISH: 21:47:33,13 ===============

**Emphyrio** · 20-07-13, 23:04

Dat was een flinke opkuis

Hoe gaat het nu?

**hanswil** · 21-07-13, 09:49

Het ratelen doet hij nog steeds, echter het scherm is 10x sneller geworden. Ook het inladen van een site gaat snel en meerdere schermen is nu mogelijk.
Ik ben erg blij.
Zit alleen met een (domme) vraag hoe kan die rotzooi er allemaal opkomen?
norman virusscanner , schijfopruiming elke week en defragmenteren ook elke week.
Ook 3x per week malwarebytes met update.
Maar al met al het werkt weer als een speer.
Ik denk dat ik elke maand deze handelingen opnieuw uitvoert zonder op het bord te plaatsen.
Ik bedank iedereen die heeft geholpen.

**hanswil** · 21-07-13, 09:52

super en nogmaals bedankt.

Mededeling

verplaatst uit forum windows7

verplaatst uit forum windows7

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment