
USB error message



So this is the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 14:41:23, on 18-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16660)

Boot mode: Normal

Running processes:

P:\Winbar\WinBar.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

P:\Teamviewer\TeamViewer.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\Brian_Pc\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - P:\Evernote\EvernoteIE.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.5\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.5\deltaTlbr.dll

O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WinBar (x86)] P:\Winbar\WinBar.exe

O4 - HKCU\..\Run: [NTRedirect] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Brian_Pc\AppData\Roaming\BabSolution\Shared\EnhancedNT.dll",Run

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O8 - Extra context menu item: Afbeelding knippen - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Kopieer selectie - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - P:\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O9 - Extra button: @P:\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - P:\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra 'Tools' menuitem: @P:\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - P:\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - P:\Macrium Reflect\ReflectService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - P:\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exe

O23 - Service: Soluto Remote Service (SolutoRemoteService) - GlavSoft LLC. - C:\Program Files\Soluto\SolutoRemoteService.exe

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - P:\Teamviewer\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12692 bytes


Start HijackThis. Select “Scan”. Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.5\bh\delta.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.5\deltaTlbr.dll

O4 - HKCU\..\Run: [NTRedirect] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Brian_Pc\AppData\Roaming\BabSolution\Shared\EnhancedNT.dll",Run

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as “administrator” by right-clicking and choosing “Run as administrator”. If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Then click Delete.
  • At AdwCleaner – Information, click OK.
  • At AdwCleaner – Restart Required, click OK.

It is normal for the shortcuts to disappear during this process.

After the PC has restarted, a log file opens.

Then post the contents of this log in your next message, together with a HijackThis log.


Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software you use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Yes here.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not already present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are then unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start automatically; the blue screen shows the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


Here is the ComboFix log.

ComboFix 13-08-19.02 - Brian_Pc 20-08-2013 2:17.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.2485 [GMT 2:00]

Gestart vanuit: c:\users\Brian_Pc\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Brian_Pc\AppData\Roaming\inst.exe

c:\users\Brian_Pc\AppData\Roaming\vso_ts_preview.xml

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-07-20 to 2013-08-20 ))))))))))))))))))))))))))))))

.

.

2013-08-20 00:21 . 2013-08-20 00:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-08-19 22:34 . 2013-08-19 22:34 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2013-08-19 22:27 . 2013-08-19 22:30 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2013-08-19 22:27 . 2013-08-19 22:27 -------- d-----w- c:\program files\Symantec

2013-08-19 22:27 . 2013-08-19 22:27 -------- d-----w- c:\program files\Common Files\Symantec Shared

2013-08-19 22:26 . 2013-08-19 22:33 -------- d-----w- c:\windows\system32\drivers\NISx64

2013-08-19 22:26 . 2013-08-19 22:27 -------- d-----w- c:\programdata\Norton

2013-08-19 22:22 . 2013-08-19 22:22 -------- d-----w- c:\program files (x86)\NortonInstaller

2013-08-19 21:24 . 2013-08-19 21:24 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2013-08-19 21:09 . 2013-08-19 21:09 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services

2013-08-19 21:08 . 2013-08-19 21:08 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework

2013-08-19 21:08 . 2013-08-19 21:08 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition

2013-08-19 21:07 . 2013-08-19 21:07 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8

2013-08-19 21:07 . 2013-08-19 21:07 -------- d-----w- c:\program files\Microsoft Office

2013-08-19 21:06 . 2013-08-19 21:06 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2013-08-19 20:48 . 2013-08-19 20:48 -------- d-----w- c:\programdata\Microsoft Toolkit

2013-08-19 20:34 . 2013-08-19 21:38 -------- d-----w- c:\windows\AutoRearm

2013-08-19 20:27 . 2013-08-19 21:54 -------- d-----w- c:\programdata\Microsoft Help

2013-08-18 20:43 . 2013-08-18 20:43 -------- d-----w- c:\programdata\Binarysense

2013-08-18 20:43 . 2013-08-18 20:43 -------- d-----w- c:\programdata\Licenses

2013-08-18 00:56 . 2013-08-18 00:57 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft

2013-08-15 03:02 . 2013-08-15 03:05 -------- d-----w- C:\AdwCleaner

2013-08-15 02:49 . 2013-08-15 02:49 -------- d-----w- c:\programdata\ATI

2013-08-15 02:39 . 2013-08-15 02:39 -------- d-----w- c:\program files (x86)\AMD APP

2013-08-15 02:38 . 2013-08-15 02:38 -------- d-----w- c:\program files\ATI

2013-08-15 02:32 . 2013-08-15 02:34 -------- d-----w- c:\program files (x86)\InstallShield Installation Information

2013-08-15 02:31 . 2013-08-15 02:32 -------- d-----w- c:\programdata\Hewlett-Packard

2013-08-15 02:30 . 2013-08-15 02:30 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

2013-08-15 02:30 . 2013-08-15 02:30 -------- d-----w- C:\System.sav

2013-08-15 02:24 . 2013-08-15 02:47 -------- d-----w- c:\program files\Microsoft Silverlight

2013-08-15 02:24 . 2013-08-15 02:47 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2013-08-15 02:24 . 2013-08-15 02:24 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2

2013-08-15 02:11 . 2013-08-15 02:31 -------- d-----w- c:\program files (x86)\Hewlett-Packard

2013-08-15 02:11 . 2013-08-15 02:11 -------- d-----w- c:\program files (x86)\HP

2013-08-15 02:04 . 2013-08-15 02:04 -------- d-----w- c:\windows\SysWow64\Adobe

2013-08-15 02:04 . 2013-08-15 02:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR

2013-08-15 02:03 . 2013-08-15 02:03 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2013-08-15 01:50 . 2013-08-15 01:50 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys

2013-08-15 01:47 . 2013-08-15 01:47 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-08-15 01:47 . 2013-08-15 01:47 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-08-15 01:47 . 2013-08-15 01:47 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-08-15 01:47 . 2013-08-15 01:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-08-15 01:47 . 2013-08-15 01:47 -------- d-----w- c:\program files (x86)\Java

2013-08-15 01:42 . 2013-08-15 01:42 -------- d-----w- c:\program files (x86)\Common Files\EZB Systems

2013-08-15 01:39 . 2013-08-15 01:39 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}

2013-08-15 01:37 . 2013-08-15 01:37 -------- d--h--w- c:\programdata\CanonBJ

2013-08-15 01:36 . 2008-02-06 03:00 259584 ----a-w- c:\windows\system32\CNMLM8S.DLL

2013-08-15 01:34 . 2013-08-15 01:34 -------- d-----w- c:\program files\Windows Live

2013-08-15 01:34 . 2013-08-15 01:34 -------- d-----w- c:\windows\PCHEALTH

2013-08-15 01:34 . 2013-08-15 01:34 -------- d-----w- c:\program files (x86)\Windows Live

2013-08-15 01:33 . 2013-08-15 01:33 -------- d-----w- c:\program files (x86)\Common Files\Windows Live

2013-08-15 01:27 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll

2013-08-15 01:27 . 2013-08-15 01:27 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack

2013-08-15 01:22 . 2013-08-15 01:22 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin

2013-08-15 01:21 . 2013-08-15 01:21 -------- dc----w- c:\windows\system32\DRVSTORE

2013-08-15 01:21 . 2013-08-12 14:13 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys

2013-08-15 01:21 . 2013-08-15 01:21 -------- d-----w- c:\program files\Soluto

2013-08-15 01:21 . 2013-08-15 02:19 -------- d-----w- c:\programdata\Soluto

2013-08-15 01:14 . 2013-06-06 06:24 20472 ----a-w- c:\windows\system32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll

2013-08-15 01:04 . 2007-03-18 19:37 65602 ----a-w- c:\windows\SysWow64\cook3260.dll

2013-08-15 01:04 . 2006-09-29 11:26 176165 ----a-w- c:\windows\SysWow64\drv23260.dll

2013-08-15 01:04 . 2006-09-29 11:25 208935 ----a-w- c:\windows\SysWow64\drv33260.dll

2013-08-15 01:04 . 2006-09-29 11:24 217127 ----a-w- c:\windows\SysWow64\drv43260.dll

2013-08-15 01:04 . 2002-12-10 01:20 102439 ----a-w- c:\windows\SysWow64\sipr3260.dll

2013-08-15 01:04 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll

2013-08-15 01:04 . 2006-05-11 18:21 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll

2013-08-15 00:43 . 2013-08-15 01:04 82816 ----a-w- c:\windows\system32\drivers\pcouffin.sys

2013-08-15 00:43 . 2013-08-15 01:04 -------- d-----w- c:\program files (x86)\vso

2013-08-15 00:43 . 2013-08-15 00:43 -------- d-----w- c:\programdata\VSO

2013-08-15 00:18 . 2013-08-15 00:18 -------- d-----w- c:\programdata\WinBar

2013-08-15 00:08 . 2013-08-15 00:08 -------- d-----w- c:\programdata\CanonIJPLM

2013-08-15 00:05 . 2013-08-15 00:05 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared

2013-08-14 23:59 . 2013-08-15 01:37 -------- d-----w- c:\program files (x86)\Canon

2013-08-14 23:59 . 2013-08-14 23:59 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2013-08-14 23:58 . 2007-03-15 05:13 229888 ----a-w- c:\windows\system32\CNC210O.DLL

2013-08-14 23:58 . 2007-03-23 07:32 92672 ----a-w- c:\windows\system32\CNC210I.DLL

2013-08-14 23:58 . 2007-03-19 01:16 246272 ----a-w- c:\windows\system32\CNC210L.DLL

2013-08-14 23:58 . 2007-03-23 07:33 1439744 ----a-w- c:\windows\system32\CNC210C.DLL

2013-08-14 23:57 . 2013-08-14 23:57 -------- d--h--w- c:\program files\CanonBJ

2013-08-14 23:55 . 2013-08-14 23:55 -------- d-----w- c:\program files (x86)\Common Files\Skype

2013-08-14 20:13 . 2013-07-26 05:13 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll

2013-08-14 20:13 . 2013-07-26 05:13 1365504 ----a-w- c:\windows\system32\urlmon.dll

2013-08-14 20:13 . 2013-07-26 05:12 53760 ----a-w- c:\windows\system32\jsproxy.dll

2013-08-14 20:13 . 2013-07-26 03:13 1767936 ----a-w- c:\windows\SysWow64\wininet.dll

2013-08-14 20:13 . 2013-07-26 03:13 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll

2013-08-14 20:13 . 2013-07-26 03:12 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll

2013-08-14 20:13 . 2013-07-26 05:13 2241024 ----a-w- c:\windows\system32\wininet.dll

2013-08-14 20:13 . 2013-07-26 05:12 15405056 ----a-w- c:\windows\system32\ieframe.dll

2013-08-14 20:13 . 2013-07-26 05:12 19239424 ----a-w- c:\windows\system32\mshtml.dll

2013-08-14 20:13 . 2013-08-14 23:55 -------- d-----w- c:\programdata\Skype

2013-08-14 18:38 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll

2013-08-14 18:38 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll

2013-08-14 18:38 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll

2013-08-14 18:38 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-08-14 18:38 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-08-14 18:38 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-08-14 18:38 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-08-14 18:38 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-08-14 00:03 . 2013-08-15 03:47 -------- d-----w- C:\boot

2013-08-14 00:01 . 2013-08-14 00:02 -------- d-----w- c:\programdata\Macrium

2013-08-13 23:11 . 2013-08-13 23:11 -------- d-----w- c:\program files (x86)\EaseUS

2013-08-13 12:27 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll

2013-08-13 12:27 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll

2013-08-13 12:25 . 2012-08-23 15:28 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui

2013-08-13 12:25 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys

2013-08-13 12:25 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2013-08-13 12:25 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-08-13 12:25 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-08-13 12:25 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll

2013-08-13 12:19 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-08-13 12:19 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-08-13 12:10 . 2013-08-13 12:10 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-08-13 12:05 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll

2013-08-13 12:05 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll

2013-08-13 11:54 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll

2013-08-13 11:54 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll

2013-08-13 11:54 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll

2013-08-13 11:54 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll

2013-08-13 11:54 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll

2013-08-13 11:54 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll

2013-08-13 11:54 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll

2013-08-13 11:54 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll

2013-08-13 11:54 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-08-13 11:54 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll

2013-08-13 11:54 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-15 01:34 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-08-13 01:11 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2013-08-13 01:11 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2013-07-09 04:45 . 2013-08-14 18:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-06-28 14:55 . 2013-06-28 14:55 13944 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"WinBar (x86)"="p:\winbar\WinBar.exe" [2009-09-29 271360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]

"BCSSync"="p:\office proffesional plus 2010\Office14\BCSSync.exe" [2012-11-05 89184]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R3 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

R3 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]

R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 SkypeUpdate;Skype Updater;p:\skype\Updater\Updater.exe;p:\skype\Updater\Updater.exe [x]

R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe;c:\program files\Soluto\SolutoRemoteService.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys;c:\windows\SYSNATIVE\DRIVERS\Soluto.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]

S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130113.001\IDSVia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130113.001\IDSVia64.sys [x]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]

S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

S2 NIS;Norton Internet Security;p:\norton internet security 2013\Engine\20.4.0.40\ccSvcHst.exe;p:\norton internet security 2013\Engine\20.4.0.40\ccSvcHst.exe [x]

S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe;c:\program files\Soluto\SolutoLauncherService.exe [x]

S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe;c:\program files\Soluto\SolutoService.exe [x]

S2 TeamViewer8;TeamViewer 8;p:\teamviewer\TeamViewer_Service.exe;p:\teamviewer\TeamViewer_Service.exe [x]

S3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]

S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]

S3 ReflectService.exe;Macrium Reflect Image Mounting Service;p:\macrium reflect\ReflectService.exe;p:\macrium reflect\ReflectService.exe [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - BHDRVX64

*NewlyCreated* - CCSET_NIS

*NewlyCreated* - EECTRL

*NewlyCreated* - ERASERUTILDRV11220

*NewlyCreated* - ERASERUTILDRV11310

*NewlyCreated* - IDSVIA64

*NewlyCreated* - NAVENG

*NewlyCreated* - NAVEX15

*NewlyCreated* - SRTSP

*NewlyCreated* - SRTSPX

*NewlyCreated* - SYMDS

*NewlyCreated* - SYMEFA

*NewlyCreated* - SYMEVENT

*NewlyCreated* - SYMIRON

*NewlyCreated* - SYMNETS

*Deregistered* - EraserUtilDrv11220

*Deregistered* - EraserUtilDrv11310

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-08-15 00:20 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-08-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-12 22:27]

.

2013-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-15 00:19]

.

2013-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-15 00:19]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Soluto"="c:\program files\soluto\soluto.exe" [2013-08-12 1231424]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "p:\fences\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - p:\office~1\Office14\ONBttnIE.dll/105

IE: Afbeelding knippen - p:\evernote\\EvernoteIERes\Clip.html?clipAction=4

IE: E&xporteren naar Microsoft Excel - p:\office~1\Office14\EXCEL.EXE/3000

IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

IE: Kopieer selectie - p:\evernote\\EvernoteIERes\Clip.html?clipAction=3

IE: Kopieer URL - p:\evernote\\EvernoteIERes\Clip.html?clipAction=0

IE: Nieuwe notitie - p:\evernote\\EvernoteIERes\NewNote.html

IE: Pagina opemen - p:\evernote\\EvernoteIERes\Clip.html?clipAction=1

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"p:\norton internet security 2013\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"p:\norton internet security 2013\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2191765731-929917457-40214162-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2191765731-929917457-40214162-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]

"v5Licence0"="15-BDQC-7UK5-EXJX-PX69-4H1M-NKYDU2H"

"Activated"="Y"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-08-20 02:22:26

ComboFix-quarantined-files.txt 2013-08-20 00:22

.

Pre-Run: 86.040.805.376 bytes beschikbaar

Post-Run: 86.168.182.784 bytes beschikbaar

.

- - End Of File - - 3ACDCA8123C8A3E98186CA142C89BAE2

A36C5E4F47E84449FF07ED3517B43A31

This topic is now closed to new replies.
