software is traag, krijg voortdurend "reageert niet"

dedeka · 5 februari 2013

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:27:32, on 4-2-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Fuji Fotoservice\Fuji Fotoservice\dd.exe

C:\Program Files (x86)\SwyxIt!\SwyxIt!.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe

C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe

C:\Program Files (x86)\SwyxIt!\CLMgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\SwyxIt!\ODialer.exe

C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Users\daisy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VA3R3IG\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1261\6.6.1089\TmIEPlg32.dll

O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe

O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe

O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe

O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\Fuji Fotoservice\Fuji Fotoservice\dd.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: SwyxIt!.lnk = C:\Program Files (x86)\SwyxIt!\SwyxIt!.exe

O8 - Extra context menu item: Bel geselecteerde nummer / URI - C:\Program Files (x86)\SwyxIt!\IEDial.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: SwyxIt! Phone Dialer - {F8E553C6-4C00-11D3-80BC-00105A653379} - C:\Program Files (x86)\SwyxIt!\IEDial.htm

O9 - Extra 'Tools' menuitem: SwyxIt! Phone Dialer - {F8E553C6-4C00-11D3-80BC-00105A653379} - C:\Program Files (x86)\SwyxIt!\IEDial.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = man.local

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = man.local

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = man.local

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1261\6.6.1089\TmIEPlg32.dll

O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Security Agent\UIFramework\ProToolbarIMRatingActiveX.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\windows\system32\CISVC.EXE (file missing)

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe

O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: Trend Micro Security Agent Communicator (TmListen) - Trend Micro Inc. - C:\Program Files\Trend Micro\Security Agent\tmlisten.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--

End of file - 14990 bytes

Asus · 5 februari 2013

Hoi dedeka,

welkom op PCH.

Je topic werd verplaatst naar Bestrijding spyware, virussen, zo word je sneller geholpen door een malware-specialist.

Neem in afwachting van de analyse van je logje deze (klik er op) Welkom Gids eens door, dan ben je helemaal "mee"...

kape · 6 februari 2013

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht, samen met een nieuw log van HijackThis.

dedeka · 6 februari 2013

ComboFix 13-02-03.03 - daisy 06-02-2013 18:35:54.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.3979.1765 [GMT 1:00]

Gestart vanuit: c:\users\daisy\Desktop\ComboFix.exe

AV: Trend Micro Security Agent *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

SP: Trend Micro Security Agent *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\daisy\AppData\Local\Temp\7zS3151\HPSLPSVC64.DLL

c:\windows\AutoRun.ini

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_HPSLPSVC

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-01-06 to 2013-02-06 ))))))))))))))))))))))))))))))

.

2013-02-06 17:13 . 2013-02-06 17:13 388096 ----a-r- c:\users\daisy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-02-06 17:13 . 2013-02-06 17:13 -------- d-----w- c:\program files (x86)\Trend Micro

2013-02-05 20:44 . 2013-02-05 20:44 -------- d-----w- c:\program files (x86)\blekko

2013-02-05 15:27 . 2013-02-05 15:27 -------- d-----w- c:\programdata\Sync App Settings

2013-02-05 15:24 . 2013-02-06 11:05 -------- d-----w- c:\program files (x86)\Allway Sync

2013-02-05 15:13 . 2013-02-05 15:16 7352232 ----a-w- c:\program files\allwaysync-12-14-2.exe

2013-02-05 09:11 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{889EDA40-F9E8-45F1-9612-5AD828AAEE84}\mpengine.dll

2013-02-03 14:32 . 2013-02-03 15:35 -------- d-----w- c:\users\daisy\.dia

2013-02-03 14:29 . 2013-02-03 14:30 -------- d-----w- c:\program files (x86)\Dia

2013-01-31 12:01 . 2013-01-31 12:01 -------- d-----w- c:\users\administrator\AppData\Roaming\PC Suite

2013-01-31 11:01 . 2013-01-31 11:01 -------- d-----w- c:\programdata\Swyx

2013-01-31 11:01 . 2013-01-31 11:01 -------- d-----w- c:\program files (x86)\Common Files\Swyx

2013-01-31 11:01 . 2013-01-31 11:01 -------- d-----w- c:\program files (x86)\SwyxIt!

2013-01-29 22:23 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll

2013-01-29 22:22 . 2013-01-29 22:22 -------- d-----w- c:\users\daisy\AppData\Local\Fuji Fotoservice

2013-01-29 22:21 . 2013-01-29 22:21 -------- d-----w- c:\programdata\Fuji Fotoservice

2013-01-29 22:20 . 2013-01-29 22:20 -------- d-----w- c:\program files (x86)\Fuji Fotoservice

2013-01-29 16:59 . 2013-01-29 16:59 -------- d-----w- c:\users\daisy\AppData\Roaming\eTeks

2013-01-23 14:47 . 2013-01-26 17:20 -------- d-----w- c:\users\daisy\AppData\Local\Deployment

2013-01-23 14:47 . 2013-01-23 14:47 -------- d-----w- c:\users\daisy\AppData\Local\Apps

2013-01-22 20:16 . 2013-01-22 20:16 -------- d-----w- c:\programdata\TomTom

2013-01-22 20:16 . 2013-01-22 20:16 -------- d-----w- c:\users\daisy\AppData\Roaming\TomTom

2013-01-22 20:16 . 2013-01-22 20:16 -------- d-----w- c:\users\daisy\AppData\Local\TomTom

2013-01-22 20:14 . 2013-01-22 20:14 -------- d-----w- c:\program files (x86)\TomTom International B.V

2013-01-22 20:13 . 2013-01-24 07:51 -------- d-----w- c:\program files (x86)\TomTom HOME 2

2013-01-22 06:40 . 2013-01-22 06:40 -------- d-----w- c:\users\daisy\AppData\Roaming\TeamViewer

2013-01-21 18:49 . 2013-01-21 18:49 -------- d-----w- c:\windows\system32\20-20 Technologies

2013-01-21 12:42 . 2013-01-21 12:42 -------- d-----w- c:\program files (x86)\TeamViewer

2013-01-21 12:36 . 2013-01-21 12:36 -------- d-----w- C:\team viewer

2013-01-11 08:30 . 2013-02-05 20:40 -------- d-----r- C:\Nieuwe werkmap

2013-01-09 22:18 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe

2013-01-09 22:18 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys

2013-01-09 22:16 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll

2013-01-08 12:25 . 2013-01-20 12:46 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2013-01-08 12:25 . 2013-01-15 13:51 704136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe

2013-01-16 20:22 . 2012-12-26 12:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2013-01-13 15:03 . 2012-12-26 12:14 704136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-01-10 07:47 . 2012-11-29 07:35 67599240 ----a-w- c:\windows\system32\MRT.exe

2013-01-07 13:43 . 2012-04-16 05:20 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-07 13:43 . 2012-04-16 05:20 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-01-04 19:57 . 2013-01-04 19:57 448312 ----a-w- c:\windows\system32\drivers\SynTP.sys

2013-01-04 19:57 . 2013-01-04 19:57 228664 ----a-w- c:\windows\system32\SynTPAPI.dll

2013-01-04 19:57 . 2013-01-04 19:57 177976 ----a-w- c:\windows\system32\SynTPCo13.dll

2013-01-04 19:57 . 2013-01-04 19:57 113976 ----a-w- c:\windows\SysWow64\SynTPCOM.dll

2013-01-04 19:57 . 2013-01-04 19:57 535864 ----a-w- c:\windows\SysWow64\SynCOM.dll

2013-01-04 19:57 . 2012-03-09 03:55 1046328 ----a-w- c:\windows\system32\SynCOM.dll

2013-01-04 19:57 . 2013-01-04 19:57 175928 ----a-w- c:\windows\system32\drivers\jmcr.sys

2013-01-04 19:56 . 2013-01-04 19:56 74344 ----a-w- c:\windows\system32\RtNicProp64.dll

2013-01-04 19:56 . 2013-01-04 19:56 708200 ----a-w- c:\windows\system32\drivers\Rt64win7.sys

2013-01-04 19:56 . 2012-04-16 05:29 107552 ----a-w- c:\windows\system32\RTNUninst64.dll

2013-01-04 19:53 . 2012-10-06 21:10 3584 ----a-w- c:\windows\SysWow64\sigfile.exe

2013-01-04 19:53 . 2012-10-06 21:10 1064184 ----a-w- c:\windows\system32\drivers\SPUVCBv_x64.sys

2013-01-04 19:53 . 2012-10-06 21:10 231800 ----a-w- c:\windows\system32\DextUVCB_x64.ax

2013-01-04 19:53 . 2012-10-06 21:10 210808 ----a-w- c:\windows\SysWow64\DextUVCB.ax

2013-01-04 19:51 . 2013-01-04 18:59 1664000 ----a-w- c:\windows\sttray64.exe

2013-01-04 19:51 . 2013-01-04 18:57 6102016 ----a-w- c:\windows\system32\stlang64.dll

2013-01-04 19:51 . 2013-01-04 18:54 499200 ----a-w- c:\windows\system32\stcplx64.dll

2013-01-04 19:51 . 2013-01-04 18:54 672256 ------w- c:\windows\system32\stapi64.dll

2013-01-04 19:50 . 2012-10-06 21:29 464384 ----a-w- c:\windows\system32\slapoi64.dll

2013-01-04 19:50 . 2013-01-04 18:57 8013312 ----a-w- c:\windows\system32\IDTNHP.dll

2013-01-04 19:50 . 2013-01-04 18:57 253952 ----a-w- c:\windows\system32\IDTNJ.exe

2013-01-04 19:50 . 2013-01-04 18:57 2214912 ----a-w- c:\windows\system32\IDTNX.dll

2013-01-04 19:50 . 2013-01-04 18:57 8003072 ----a-w- c:\windows\system32\IDTNGUI.exe

2013-01-04 19:50 . 2013-01-04 18:57 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl

2013-01-04 19:50 . 2013-01-04 18:57 224256 ----a-w- c:\windows\system32\HPToneCtrls64.dll

2013-01-04 19:43 . 2012-12-26 09:48 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL

2013-01-04 19:43 . 2012-12-26 09:48 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL

2013-01-04 19:43 . 2012-12-26 09:48 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL

2013-01-04 19:43 . 2012-12-26 09:48 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL

2013-01-04 18:56 . 2013-01-04 18:57 38400 ----a-w- c:\windows\system32\suhlp64.exe

2013-01-04 18:56 . 2013-01-04 18:57 1425408 ----a-w- c:\windows\system32\sttray64.exe

2013-01-04 18:56 . 2013-01-04 18:57 255488 ------w- c:\windows\system32\staco64.dll

2013-01-04 18:56 . 2013-01-04 18:57 318464 ----a-w- c:\windows\system32\stacsv64.exe

2013-01-04 18:56 . 2013-01-04 18:57 182600 ----a-w- c:\windows\system32\slviq64.dll

2013-01-04 18:56 . 2013-01-04 18:57 169800 ----a-w- c:\windows\system32\slvipp64.dll

2013-01-04 18:56 . 2013-01-04 18:57 295240 ----a-w- c:\windows\system32\sluapo64.dll

2013-01-04 18:56 . 2013-01-04 18:57 577352 ----a-w- c:\windows\system32\slprop64.dll

2013-01-04 18:56 . 2013-01-04 18:57 245576 ----a-w- c:\windows\system32\slmaxv64.dll

2013-01-04 18:56 . 2013-01-04 18:57 202056 ----a-w- c:\windows\system32\slInit64.dll

2013-01-04 18:56 . 2013-01-04 18:57 177992 ----a-w- c:\windows\system32\slcshp64.dll

2013-01-04 18:56 . 2013-01-04 18:57 167752 ----a-w- c:\windows\system32\slhlim64.dll

2013-01-04 18:56 . 2013-01-04 18:57 155976 ----a-w- c:\windows\system32\slh36064.dll

2013-01-04 18:56 . 2013-01-04 18:57 140104 ----a-w- c:\windows\system32\sltshd64.dll

2013-01-04 18:56 . 2013-01-04 18:57 139592 ----a-w- c:\windows\system32\slcsii64.dll

2013-01-04 18:56 . 2013-01-04 18:57 131912 ----a-w- c:\windows\system32\slgeq64.dll

2013-01-04 18:56 . 2013-01-04 18:57 158536 ----a-w- c:\windows\system32\slcc3d64.dll

2013-01-04 18:56 . 2013-01-04 18:57 88576 ----a-w- c:\windows\system32\IDTPMA64.exe

2013-01-04 18:56 . 2013-01-04 18:57 148133 ----a-w- c:\windows\system32\Presets.bin

2013-01-04 18:56 . 2013-01-04 18:57 90624 ----a-w- c:\windows\system32\AESTCo64.dll

2013-01-04 18:56 . 2013-01-04 18:57 89600 ----a-w- c:\windows\system32\AESTSr64.exe

2013-01-04 18:56 . 2013-01-04 18:57 74336 ----a-w- c:\windows\system32\AESTAR64.dll

2013-01-04 18:56 . 2013-01-04 18:57 442368 ----a-w- c:\windows\system32\AESTEC64.dll

2013-01-04 18:56 . 2013-01-04 18:57 200288 ----a-w- c:\windows\system32\AESTAC64.dll

2013-01-04 18:53 . 2013-01-04 18:54 543744 ----a-w- c:\windows\system32\drivers\stwrt64.sys

2013-01-04 18:53 . 2013-01-04 18:54 2188800 ----a-w- c:\windows\system32\stapo64.dll

2013-01-04 18:53 . 2013-01-04 18:54 255488 ----a-w- c:\windows\system32\st646428.dll

2013-01-03 07:52 . 2013-01-03 07:52 44672 ----a-w- c:\windows\system32\drivers\a38usb.sys

2013-01-03 07:52 . 2013-01-03 07:52 137216 ----a-w- c:\windows\system32\usbr38.dll

2012-12-16 17:11 . 2012-12-21 11:34 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 14:45 . 2012-12-21 11:34 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-21 11:34 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-16 14:13 . 2012-12-21 11:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-04 10:56 . 2012-12-04 10:56 644400 ----a-w- c:\windows\SysWow64\mscomct2.ocx

2012-11-30 04:45 . 2013-01-09 22:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-11-14 07:06 . 2012-12-13 04:17 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-14 06:32 . 2012-12-13 04:17 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-14 06:11 . 2012-12-13 04:17 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 06:04 . 2012-12-13 04:17 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-14 06:04 . 2012-12-13 04:17 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 06:02 . 2012-12-13 04:17 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 06:02 . 2012-12-13 04:17 237056 ----a-w- c:\windows\system32\url.dll

2012-11-14 05:59 . 2012-12-13 04:17 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-11-14 05:58 . 2012-12-13 04:17 816640 ----a-w- c:\windows\system32\jscript.dll

2012-11-14 05:57 . 2012-12-13 04:17 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 05:57 . 2012-12-13 04:17 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 05:55 . 2012-12-13 04:17 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-14 05:55 . 2012-12-13 04:17 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-11-14 05:53 . 2012-12-13 04:17 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-11-14 05:52 . 2012-12-13 04:17 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-14 05:46 . 2012-12-13 04:17 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-14 02:09 . 2012-12-13 04:17 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-14 01:58 . 2012-12-13 04:17 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-14 01:57 . 2012-12-13 04:17 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-14 01:49 . 2012-12-13 04:17 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-14 01:48 . 2012-12-13 04:17 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-14 01:44 . 2012-12-13 04:17 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-09 05:45 . 2012-12-12 07:18 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-09 04:42 . 2012-12-12 07:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}]

2012-10-15 16:28 251360 ----a-w- c:\program files (x86)\blekko\spamfreesearch\1.8.3.9\bh\spamfreesearch.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{EECF410C-006C-4A05-AD13-6741A0814DBF}"= "c:\program files (x86)\blekko\spamfreesearch\1.8.3.9\spamfreesearchTlbr.dll" [2012-10-15 325600]

.

[HKEY_CLASSES_ROOT\clsid\{eecf410c-006c-4a05-ad13-6741a0814dbf}]

[HKEY_CLASSES_ROOT\spamfreesearch.dskBnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]

[HKEY_CLASSES_ROOT\spamfreesearch.dskBnd]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-10-13 1088424]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]

"Device Detection"="c:\program files (x86)\Fuji Fotoservice\Fuji Fotoservice\dd.exe" [2012-12-10 797656]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-11-23 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-03-01 56088]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-03-07 684024]

"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-08-28 334240]

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]

"HP HD Webcam Driver_Monitor"="c:\program files (x86)\HP HD Webcam Driver\monitor.exe" [2012-07-26 303480]

"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]

"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-03-15 184704]

"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-03-22 12310616]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

SwyxIt!.lnk - c:\program files (x86)\SwyxIt!\SwyxIt!.exe [2011-11-16 4177744]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"DisableCAD"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ DPPassFilter scecli

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3478581271-1066936697-1148581013-1919\Scripts\Logon\0\0]

"Script"=login.vbs

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3478581271-1066936697-1148581013-500\Scripts\Logon\0\0]

"Script"=login.vbs

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2013-01-03 44672]

R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-08-08 88728]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-08-08 344216]

R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-08-08 114840]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-08-08 178840]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-08-08 77464]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-08-08 135832]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-08-08 574616]

R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]

R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-15 1420160]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-22 1255736]

R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]

S0 MfeEpeOpal;MfeEpeOpal; [x]

S0 MfeEpePc;MfeEpePc; [x]

S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-08-08 211072]

S2 BotkindSyncService;Botkind Service;c:\program files (x86)\Allway Sync\Bin\SyncService.exe service [x]

S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]

S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]

S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-08-28 523680]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-09-07 33600]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]

S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-07-11 1327104]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2012-03-07 1134584]

S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]

S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2012-09-24 77184]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]

S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-04-05 498352]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-03-28 363800]

S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2012-07-19 2714232]

S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-08-08 323584]

S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]

S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-08-08 33944]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]

S3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2013-01-04 175928]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2013-01-04 708200]

S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [2013-01-04 1064184]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-02-01 17:37 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 21:27]

.

2013-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 21:27]

.

2013-02-06 c:\windows\Tasks\HPCeeScheduleFordaisy.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]

.

2013-01-31 c:\windows\Tasks\HPCeeScheduleForLPB125$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-08-08 763520]

"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-08-08 127616]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-02 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-02 398616]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-02 439064]

"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]

"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-11-01 219512]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-01-04 1664000]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Bel geselecteerde nummer / URI - c:\program files (x86)\SwyxIt!\IEDial.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {{F8E553C6-4C00-11D3-80BC-00105A653379} - c:\program files (x86)\SwyxIt!\IEDial.htm

TCP: DhcpNameServer = 195.130.130.2 195.130.131.2

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKLM-Run-beid - c:\program files (x86)\Belgium Identity Card\beid35gui.exe

HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec

WebBrowser-{C1036F99-E666-4AAD-A079-5A20AD04E477} - (no file)

HKLM-Run-MfeEpePcMonitor - c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Allway Sync\Bin\SyncService.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe

c:\program files (x86)\SwyxIt!\CLMgr.exe

c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Voltooingstijd: 2013-02-06 21:25:07 - machine werd herstart

ComboFix-quarantined-files.txt 2013-02-06 20:25

.

Pre-Run: 224.600.825.856 bytes beschikbaar

Post-Run: 226.847.952.896 bytes beschikbaar

.

- - End Of File - - D13F2E0CF698AA5629491D89C9672E5D