
HijackThis log



Hello everyone, I have a problem. It takes a long time for my computer to start up. I checked it with Soluto, still the same. I ran CCleaner over it, still the same. I cleaned up my hard drives, still the same. When I start Internet Explorer the start page does work, but when I want to open another site such as pchelpforum.be it does not work and a message is shown (see attachments). Could it be a virus after all? I am sending a HijackThis log along already. I have already reset Internet Explorer to its defaults, without a good result. Thanks in advance for thinking along.

Attachments.

post-12056-1417705132,2008_thumb.jpg

HijackThis log.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 3:51:21, on 13-10-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe

C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe

C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe

C:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Brian\Downloads\HijackThis.exe

c:\PROGRA~2\mcafee\SITEAD~1\saui.exe

C:\Users\Brian\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121010045635.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe

O4 - HKLM\..\Run: [bATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11489 bytes


Try resetting your Internet Explorer to its default settings:

- Open Internet Explorer.

- Press the Alt key on your keyboard. A menu appears.

- Go to the Tools menu and choose Internet Options.

- On the Advanced tab, click the Reset... button at the bottom.

- Click Reset again.

- Click Close and restart Internet Explorer.

Note:

The above procedure can also be done fully automatically by downloading and running this program: reset IE to default settings (click on it).

More information about resetting IE can be found here.


OK, I found the problem. www.ing.nl has made software for its customers to stop Trojan horses, so I thought, hey, let me try it and see if it works. Well, since yesterday my internet browser has been slow. I then disabled Trusteer Rapport and everything is fine again. But am I obliged to keep Trusteer Rapport? Because it only runs slowly on my system. To show it in a bit more detail, I will add the website that explains what Trusteer Rapport exactly is and does.


I had also run ComboFix because my system was responding very slowly. I would like to have it checked whether everything went well.

ComboFix.

ComboFix 12-10-13.03 - Brian 14-10-2012 0:02.5.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.1900 [GMT 2:00]

Gestart vanuit: c:\users\Brian\Desktop\ComboFix.exe

AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\zip.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-13 to 2012-10-13 ))))))))))))))))))))))))))))))

.

.

2012-10-13 21:56 . 2012-10-13 21:56 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}

2012-10-13 21:15 . 2012-10-13 21:15 -------- d--h--w- c:\programdata\Common Files

2012-10-13 19:19 . 2012-10-13 19:19 61440 ----a-w- c:\windows\SysWow64\drivers\bfhg.sys

2012-10-13 19:19 . 2012-10-13 19:19 574 ----a-w- C:\cleanup.bat

2012-10-10 17:31 . 2012-10-10 17:31 -------- d-----w- c:\programdata\Ask

2012-10-10 03:24 . 2012-10-10 03:24 -------- d-----w- c:\windows\SysWow64\wbem\Logs

2012-10-10 03:04 . 2012-10-10 03:04 -------- d-----w- c:\program files (x86)\Trend Micro

2012-10-10 02:31 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-10-10 02:31 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-10-10 02:31 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-10-10 02:31 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-10-10 02:29 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll

2012-10-10 02:29 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll

2012-10-10 02:29 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2012-10-10 02:29 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll

2012-10-10 02:29 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll

2012-10-10 02:29 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll

2012-10-10 02:29 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2012-10-10 02:29 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2012-10-09 00:29 . 2012-10-09 00:29 -------- d-----w- c:\program files\HitmanPro

2012-10-09 00:29 . 2012-10-09 00:30 -------- d-----w- c:\programdata\HitmanPro

2012-10-08 23:04 . 2012-09-07 09:07 101688 ----a-w- c:\windows\system32\drivers\RapportKE64.sys

2012-10-08 23:03 . 2012-10-08 23:03 -------- d-----w- c:\program files (x86)\Trusteer

2012-10-08 22:58 . 2012-10-08 22:58 -------- d-----w- c:\programdata\Trusteer

2012-10-05 23:08 . 2012-10-05 23:08 -------- d-----w- c:\windows\nl

2012-10-05 23:07 . 2012-10-05 23:07 -------- d-----w- c:\windows\en

2012-10-05 23:06 . 2012-10-05 23:06 -------- d-----w- c:\program files\Windows Live

2012-10-05 22:55 . 2012-10-05 22:56 -------- d-----w- c:\program files\Soluto

2012-09-28 00:36 . 2012-04-20 14:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2012-09-27 23:58 . 2012-09-27 23:58 -------- d-----w- c:\program files\Macrium

2012-09-25 17:08 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-09-24 17:31 . 2012-09-24 17:31 -------- d-----w- c:\programdata\WinBar

2012-09-24 17:31 . 2012-09-24 17:31 -------- d-----w- c:\program files (x86)\WinBar

2012-09-24 15:29 . 2012-09-24 15:29 -------- d-----w- c:\program files\Western Digital

2012-09-24 15:29 . 2012-09-24 15:29 -------- d-----w- c:\program files (x86)\Western Digital

2012-09-23 00:15 . 2012-09-23 00:15 -------- d-----w- c:\programdata\F-Secure

2012-09-22 23:53 . 2012-09-22 23:53 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys

2012-09-22 02:00 . 2012-09-22 02:00 -------- d-----w- c:\program files\VideoLAN

2012-09-21 21:20 . 2012-09-21 21:21 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-09-20 22:47 . 2012-10-04 18:25 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys

2012-09-15 19:20 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-09-15 19:20 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-09-15 19:10 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-09-15 19:10 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys

2012-09-15 19:09 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-09-15 19:09 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-09-15 19:09 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-09-15 18:46 . 2012-06-22 05:35 76736 ----a-w- c:\windows\system32\drivers\mfenlfk.sys

2012-09-15 18:15 . 2012-09-15 18:15 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2

2012-09-15 18:04 . 2012-09-15 18:04 -------- d-----w- c:\windows\system32\SPReview

2012-09-15 18:02 . 2012-09-15 18:02 -------- d-----w- c:\windows\system32\EventProviders

2012-09-15 17:25 . 2010-11-20 13:27 680960 ----a-w- c:\windows\system32\termsrv.dll

2012-09-15 17:24 . 2010-11-20 13:33 31104 ----a-w- c:\windows\system32\drivers\msahci.sys

2012-09-15 17:23 . 2010-11-20 13:25 109568 ----a-w- c:\windows\system32\nslookup.exe

2012-09-15 17:22 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll

2012-09-15 17:21 . 2010-11-20 13:02 6656 ----a-w- c:\windows\system32\KBDGEO.DLL

2012-09-15 17:20 . 2010-11-20 13:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui

2012-09-15 17:20 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll

2012-09-15 17:20 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll

2012-09-15 17:20 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\sqmapi.dll

2012-09-15 17:20 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll

2012-09-15 17:20 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll

2012-09-15 17:20 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll

2012-09-15 17:19 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll

2012-09-15 17:19 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll

2012-09-15 17:19 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll

2012-09-14 22:26 . 2012-06-22 05:37 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2012-09-14 22:26 . 2012-09-14 22:26 -------- d-----w- c:\program files (x86)\Common Files\McAfee

2012-09-14 22:26 . 2012-06-22 05:40 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys

2012-09-14 22:26 . 2012-06-22 05:36 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2012-09-14 22:26 . 2012-06-22 05:35 513456 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2012-09-14 22:26 . 2012-06-22 05:34 300392 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2012-09-14 22:26 . 2012-09-28 00:41 -------- d-----w- c:\program files\Common Files\McAfee

2012-09-14 22:26 . 2012-09-14 22:27 -------- d-----w- c:\program files\McAfee

2012-09-14 22:26 . 2012-09-28 19:06 -------- d-----w- c:\program files (x86)\McAfee

2012-09-14 21:00 . 2012-10-05 22:53 -------- d-----w- c:\program files (x86)\uTorrent

2012-09-14 17:29 . 2012-09-14 17:29 -------- d-----r- c:\program files (x86)\Skype

2012-09-14 17:29 . 2012-09-14 17:29 -------- d-----w- c:\program files (x86)\Common Files\Skype

2012-09-14 17:24 . 2012-09-28 23:59 -------- d-----w- c:\programdata\Skype

2012-09-14 16:54 . 2012-09-14 16:54 -------- d-----w- c:\program files\Microsoft Silverlight

2012-09-14 16:54 . 2012-09-14 16:54 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2012-09-14 16:53 . 2012-09-14 16:53 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-09-14 16:53 . 2012-09-14 16:52 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-14 16:53 . 2012-09-14 16:52 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-09-14 16:53 . 2012-09-14 16:52 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-14 16:52 . 2012-10-13 01:30 -------- d-----w- c:\program files (x86)\Java

2012-09-14 16:51 . 2012-09-14 16:51 289768 ----a-w- c:\windows\system32\javaws.exe

2012-09-14 16:51 . 2012-09-14 16:51 916456 ----a-w- c:\windows\system32\deployJava1.dll

2012-09-14 16:51 . 2012-09-14 16:51 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-14 16:51 . 2012-09-14 16:51 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2012-09-14 16:51 . 2012-09-14 16:51 189416 ----a-w- c:\windows\system32\javaw.exe

2012-09-14 16:51 . 2012-09-14 16:51 188904 ----a-w- c:\windows\system32\java.exe

2012-09-14 16:51 . 2012-09-14 16:51 -------- d-----w- c:\program files\Java

2012-09-14 16:50 . 2012-10-08 22:36 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-14 16:50 . 2012-10-08 22:36 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-14 16:50 . 2012-09-14 16:50 -------- d-----w- c:\windows\system32\Macromed

2012-09-14 16:44 . 2012-09-14 16:44 -------- d-----w- c:\programdata\LogiShrd

2012-09-14 16:40 . 2012-09-14 16:40 -------- d-----w- c:\windows\SysWow64\logishrd

2012-09-14 16:40 . 2012-09-14 16:40 -------- d-----w- c:\windows\system32\logishrd

2012-09-14 16:40 . 2012-09-14 16:40 -------- d-----w- c:\programdata\Logitech

2012-09-14 16:40 . 2012-10-04 22:33 -------- d-----w- c:\program files (x86)\Common Files\LWS

2012-09-14 16:40 . 2012-10-04 22:33 -------- d-----w- c:\program files (x86)\Logitech

2012-09-14 16:39 . 2012-10-04 22:35 -------- d-----w- c:\program files (x86)\Common Files\logishrd

2012-09-14 16:39 . 2012-10-04 22:33 -------- d-----w- c:\program files\Common Files\logishrd

2012-09-14 16:36 . 2012-09-14 16:36 -------- d-----w- c:\programdata\Western Digital

2012-09-14 16:27 . 2012-10-05 22:55 -------- dc----w- c:\windows\system32\DRVSTORE

2012-09-14 16:21 . 2012-09-30 22:57 -------- d-----w- c:\program files (x86)\Vuze

2012-09-14 16:17 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll

2012-09-14 16:17 . 2010-06-02 02:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll

2012-09-14 16:17 . 2010-06-02 02:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll

2012-09-14 16:17 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll

2012-09-14 16:17 . 2010-05-26 09:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll

2012-09-14 16:17 . 2010-05-26 09:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll

2012-09-14 16:17 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll

2012-09-14 16:17 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll

2012-09-14 16:13 . 2012-09-14 16:13 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\d2f02b761cd929306\DSETUP.dll

2012-09-14 16:13 . 2012-09-14 16:13 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\d2f02b761cd929306\DXSETUP.exe

2012-09-14 16:13 . 2012-09-14 16:13 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\d2f02b761cd929306\dsetup32.dll

2012-09-14 16:13 . 2012-09-14 16:13 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\d18b1d0d1cd929304\DSETUP.dll

2012-09-14 16:13 . 2012-09-14 16:13 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\d18b1d0d1cd929304\DXSETUP.exe

2012-09-14 16:13 . 2012-09-14 16:13 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\d18b1d0d1cd929304\dsetup32.dll

2012-09-14 16:12 . 2012-09-14 16:12 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\cd9512d81cd929301\DSETUP.dll

2012-09-14 16:12 . 2012-09-14 16:12 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\cd9512d81cd929301\DXSETUP.exe

2012-09-14 16:12 . 2012-09-14 16:12 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\cd9512d81cd929301\dsetup32.dll

2012-09-14 16:12 . 2012-10-05 22:56 -------- d-----w- c:\programdata\Soluto

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-15 18:36 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2012-09-15 18:36 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-09-14 16:18 . 2010-06-24 19:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-09-12 16:11 . 2012-09-12 16:11 13504 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys

2012-09-12 16:10 . 2012-09-12 16:10 57024 ----a-w- c:\windows\system32\drivers\psmounterex.sys

2012-09-12 14:07 . 2012-09-12 14:07 58368 ----a-w- c:\windows\SysWow64\sirenacm.dll

2012-09-12 13:57 . 2012-09-12 13:57 322048 ----a-w- c:\windows\WLXPGSS.SCR

2012-08-20 17:38 . 2012-10-10 02:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-07-26 17:08 . 2012-07-26 17:08 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll

2012-07-26 17:08 . 2012-07-26 17:08 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll

2012-07-26 17:08 . 2012-07-26 17:08 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll

2012-07-26 17:08 . 2012-07-26 17:08 153536 ----a-w- c:\windows\SysWow64\atl110.dll

2012-07-26 17:08 . 2012-07-26 17:08 115656 ----a-w- c:\windows\SysWow64\vcomp110.dll

2012-07-26 13:22 . 2012-07-26 13:22 828872 ----a-w- c:\windows\system32\msvcr110.dll

2012-07-26 13:22 . 2012-07-26 13:22 661448 ----a-w- c:\windows\system32\msvcp110.dll

2012-07-26 13:22 . 2012-07-26 13:22 354264 ----a-w- c:\windows\system32\vccorlib110.dll

2012-07-26 13:22 . 2012-07-26 13:22 177096 ----a-w- c:\windows\system32\atl110.dll

2012-07-26 13:22 . 2012-07-26 13:22 124360 ----a-w- c:\windows\system32\vcomp110.dll

2012-07-17 13:14 . 2012-07-17 13:14 253184 ----a-w- c:\windows\system32\LIVESSP.DLL

2012-07-17 12:49 . 2012-07-17 12:49 209648 ----a-w- c:\windows\SysWow64\LIVESSP.DLL

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]

"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]

"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

"UacDisableNotify"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"EnableShellExecuteHooks"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R0 savhyjjk;savhyjjk;c:\windows\system32\drivers\bfhg.sys [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14 116648]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14 116648]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]

R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]

R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]

R4 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-09-22 56016]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]

S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys [2012-09-07 101688]

S0 Soluto;Soluto;c:\windows\system32\Drivers\Soluto.sys [2012-10-04 54728]

S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Brian\Desktop\virus scanner\virus scanners\emsisoft\Run\a2ddax64.sys [2012-06-12 23208]

S1 RapportCerberus_42020;RapportCerberus_42020;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_42020.sys [2012-10-08 397720]

S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-09-07 55096]

S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-09-07 297240]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]

S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-09-07 976728]

S2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2012-09-12 301760]

S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-10-04 604728]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-23 7886848]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-23 285696]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]

S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

S3 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]

S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]

S3 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 22:36]

.

2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14 16:29]

.

2012-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14 16:29]

.

2012-10-05 c:\windows\Tasks\HPCeeScheduleForBRIAN-PC$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2012-09-21 c:\windows\Tasks\HPCeeScheduleForBrian.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2782096]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://google.nl/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-{D40EB009-0499-459c-A8AF-C9C110766215} - c:\program files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-4085980671-1877415730-1580475011-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-4085980671-1877415730-1580475011-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]

"v5Licence0"="15-BDQC-7UK5-EXJX-PX69-4H1M-NKYDU2H"

"Activated"="N"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-14 00:10:41

ComboFix-quarantined-files.txt 2012-10-13 22:10

.

Pre-Run: 1.440.325.758.976 bytes beschikbaar

Post-Run: 1.440.677.892.096 bytes beschikbaar

.

- - End Of File - - 7F4564F78FA711EA4FEB67205E80ED8D


You may still delete these folders shown in bold:

c:\programdata\Ask

c:\programdata\WinBar

c:\program files (x86)\WinBar

Uninstall ComboFix: Start -> Run/Search/Search programs and files and type there: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may manually delete the folder C:\Qoobox.
