Hi, I did as you described, but I don't think it's gone yet.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:02, on 2-2-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\theo\Desktop\HiJackThis.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Startup: MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AWiCSrvc - Atheros Communications - C:\Program Files (x86)\Atheros\AWiCSrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileServe Toolbar Helper - Unknown owner - C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

--
End of file - 14584 bytes
Malwarebytes Anti-Malware (PRO) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Databaseversie: v2012.02.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
theo :: THEO-PC [administrator]

Realtime bescherming: Uitgeschakeld

2-2-2012 19:24:52
mbam-log-2012-02-02 (19-24-52).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 200843
Verstreken tijd: 6 minuut/minuten, 51 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)
 
Hi theeke, it's still in there. We're going to bring in Combofix.

Download Combofix here or here
to your desktop.
Read here how to use Combofix.

Important!!!: Disable all your antivirus and antispyware software while using Combofix, because these can cause conflicts with Combofix.

When using Combofix, the computer may restart several times; this is normal.
Double-click the Combofix icon to start the tool.
Do not use the computer during the Combofix scan, and do not click anywhere with your mouse during the scan, because this can cause Combofix to hang.

If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

When Combofix has finished the scan, it will create a log file. You can find the log file at C:\ComboFix.txt

Post in a new reply:
the Combofix log
a new HijackThis log.
 
ComboFix 12-01-30.02 - theo 02-02-2012 20:54:07.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3885.1942 [GMT 1:00]
Gestart vanuit: c:\users\theo\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\users\Public\Documents\NTIBUN5.dll
c:\users\Public\Documents\NTIJCMK5.dll
c:\users\Public\Documents\NTILiveUpdate.dll
c:\users\Public\Documents\NTIMMV8.dll
c:\users\Public\Documents\NTIMMV9P.dll
c:\users\theo\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-02 to 2012-02-02 ))))))))))))))))))))))))))))))
.
.
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-02 17:52 . 2012-02-02 20:08 -------- d-----w- c:\users\theo\AppData\Local\Temp
2012-02-01 21:36 . 2012-02-01 21:36 116016 ----a-w- c:\windows\system32\drivers\38391653.sys
2012-02-01 20:27 . 2012-02-01 20:27 116016 ----a-w- c:\windows\system32\drivers\65474527.sys
2012-01-31 20:49 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D121EE82-6FF5-4241-9E87-A29102CAC6DB}\mpengine.dll
2012-01-30 20:14 . 2012-01-30 20:14 -------- d-----w- c:\program files (x86)\AVG
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-01-29 15:36 . 2011-10-04 16:22 917840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65DD3A62-DBF6-4C11-91FB-2BED36BA32E5}\gapaengine.dll
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-28 23:31 . 2012-01-28 23:31 -------- d-----w- c:\users\theo\AppData\Local\uTorrent
2012-01-27 19:16 . 2012-01-27 19:16 -------- d-----w- c:\windows\system32\wbem\Logs
2012-01-26 19:00 . 2012-01-26 19:00 -------- d-----w- c:\users\theo\AppData\Local\Babylon
2012-01-26 18:59 . 2012-01-26 18:59 -------- d-----w- c:\users\theo\AppData\Roaming\Babylon
2012-01-26 18:59 . 2012-01-26 18:59 -------- d-----w- c:\programdata\Babylon
2012-01-26 18:59 . 2012-01-26 19:00 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2012-01-24 18:32 . 2012-01-24 18:32 -------- d-----w- c:\program files (x86)\Firetrust
2012-01-22 21:37 . 2012-01-24 19:12 -------- d-----w- c:\users\theo\AppData\Roaming\ImgBurn
2012-01-22 21:35 . 2012-01-22 21:35 -------- d-----w- c:\program files (x86)\ImgBurn
2012-01-22 18:45 . 2012-01-22 18:45 -------- d-----w- c:\programdata\ASUS
2012-01-22 14:26 . 2012-01-22 14:26 -------- d-----w- c:\program files\DIFX
2012-01-22 14:24 . 2009-06-04 21:44 15880 ----a-w- c:\windows\system32\drivers\PuAcpi64.sys
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\ParetoLogic
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\DriverCure
2012-01-22 08:40 . 2012-01-29 16:16 -------- d-----w- c:\programdata\ParetoLogic
2012-01-21 15:08 . 2012-01-21 16:10 -------- d-----w- c:\programdata\AVAST Software
2012-01-21 10:28 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-01-21 10:28 . 2012-02-01 17:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-21 10:28 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-16 18:16 . 2012-01-16 19:56 -------- d-----w- c:\program files (x86)\TomTom International B.V
2012-01-16 18:16 . 2012-01-16 18:16 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2012-01-14 13:18 . 2012-01-14 13:18 -------- d-----w- c:\users\theo\AppData\Local\Samsung
2012-01-14 13:17 . 2012-01-14 13:17 -------- d-----w- c:\users\theo\AppData\Roaming\Samsung
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-01-14 13:07 . 2011-12-08 04:22 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-01-14 13:07 . 2011-12-08 04:22 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2012-01-14 13:07 . 2011-12-08 04:22 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-01-14 13:07 . 2011-12-08 04:22 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-01-14 13:01 . 2012-01-29 15:33 -------- d-----w- c:\windows\system32\catroot2
2012-01-14 13:00 . 2011-12-23 19:58 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-01-14 13:00 . 2012-01-14 13:00 -------- d-----w- c:\program files (x86)\MarkAny
2012-01-14 13:00 . 2011-12-23 19:58 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\program files (x86)\Samsung
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\programdata\Samsung
2012-01-13 20:54 . 2012-01-13 20:54 -------- d-----w- c:\programdata\TomTom
2012-01-13 20:43 . 2009-05-16 00:15 16896 ----a-w- c:\windows\system32\drivers\UBHelper.sys
2012-01-13 20:43 . 2009-03-26 07:21 18432 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys
2012-01-12 18:59 . 2012-01-24 19:37 -------- d-----w- c:\programdata\Ocster Backup
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Local\Windows Live Writer
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Roaming\Windows Live Writer
2012-01-09 19:22 . 2012-01-09 19:22 -------- d-----w- c:\users\theo\Option
2012-01-09 19:18 . 2012-01-10 20:21 -------- d-----w- c:\programdata\BlazeVideo
2012-01-08 19:48 . 2012-01-08 19:54 -------- d-----w- c:\programdata\NTI Launcher
2012-01-08 19:46 . 2012-01-12 00:13 -------- d-----w- c:\program files (x86)\Common Files\muvee Technologies
2012-01-08 19:44 . 2012-01-11 21:10 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-08 19:42 . 2012-01-12 00:13 -------- d-----w- c:\programdata\InstallShield
2012-01-08 19:29 . 2012-01-13 20:37 -------- d-----w- c:\program files (x86)\Downloaded Installations
2012-01-07 17:21 . 2012-01-07 17:21 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-01-07 16:54 . 2012-01-08 08:59 2200 ----a-w- c:\windows\system32\ASOROSet.bin
2012-01-07 15:31 . 2012-01-28 17:48 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-07 14:14 . 2012-01-28 17:49 -------- d-----w- c:\programdata\Norton
2012-01-07 08:10 . 2012-01-12 00:13 -------- d-----w- c:\users\theo\AppData\Roaming\Systweak
2012-01-07 08:10 . 2011-11-19 10:52 18816 ----a-w- c:\windows\system32\roboot64.exe
2012-01-06 16:01 . 2012-01-29 19:17 -------- d--h--w- c:\programdata\MFAData
2012-01-06 11:30 . 2012-01-06 11:30 -------- d--h--w- c:\programdata\Malwarebytes
2012-01-06 10:49 . 2012-01-06 10:49 90192 ----a-w- c:\windows\system32\drivers\bdfndisf6.sys
2012-01-05 22:54 . 2012-01-05 22:54 -------- d-----w- c:\users\theo\AppData\Roaming\QuickScan
2012-01-05 22:53 . 2012-01-06 12:13 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-01-05 00:32 . 2012-01-05 00:32 53248 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-01-05 00:31 . 2012-01-05 00:31 -------- d-----w- c:\program files\Logitech
2012-01-05 00:29 . 2012-01-05 00:29 -------- d-----w- C:\Intel
2012-01-05 00:27 . 2012-01-07 16:49 -------- d--h--w- c:\programdata\DriverGenius
2012-01-05 00:09 . 2012-01-05 00:09 -------- d-----w- c:\program files (x86)\SpotLite
2012-01-04 20:51 . 2012-01-04 20:51 -------- d--h--w- c:\programdata\IncrediMail
2012-01-04 20:50 . 2012-01-04 20:50 -------- d--h--w- c:\programdata\IM
2012-01-04 20:22 . 2012-01-04 22:07 -------- d-----w- c:\programdata\Spotnet
2012-01-04 20:06 . 2012-01-07 17:03 -------- d-----w- c:\programdata\SpotGrit
2012-01-04 19:20 . 2012-01-05 00:31 -------- d--h--w- c:\programdata\Logishrd
2012-01-04 19:19 . 2012-01-04 19:19 -------- d--h--w- c:\programdata\Intel
2012-01-04 19:14 . 2012-01-04 19:14 -------- d--h--w- c:\programdata\Messenger Plus!
2012-01-04 18:51 . 2012-01-04 18:52 -------- d-----w- C:\ASUS.DAT
2012-01-04 09:42 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{841AA7E3-F349-42EB-9BE6-594C79D3338E}\mpengine.dll
2012-01-04 08:56 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 17:21 . 2011-05-18 19:05 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-03 17:48 . 2012-01-03 17:48 388096 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-03 11:23 . 2011-04-26 21:26 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2012-01-03 11:23 . 2012-01-03 11:23 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-12-26 18:11 . 2011-04-04 17:44 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-26 09:11 . 2011-04-04 20:35 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-23 19:58 . 2011-12-23 19:58 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-12-23 19:58 . 2011-12-23 19:58 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-12-23 19:58 . 2011-12-23 19:58 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-12-23 19:58 . 2011-12-23 19:58 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2011-12-23 19:58 . 2011-12-23 19:58 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2011-12-23 19:58 . 2011-12-23 19:58 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2011-12-23 19:58 . 2011-12-23 19:58 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2011-12-23 19:58 . 2011-12-23 19:58 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2011-12-23 19:58 . 2011-12-23 19:58 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2011-12-23 19:58 . 2011-12-23 19:58 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2011-12-23 19:58 . 2011-12-23 19:58 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2011-12-23 19:58 . 2011-12-23 19:58 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2011-12-23 19:58 . 2011-12-23 19:58 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2011-12-23 19:58 . 2011-12-23 19:58 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2011-12-23 19:58 . 2011-12-23 19:58 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2011-12-23 19:58 . 2011-12-23 19:58 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2011-12-22 22:09 . 2012-01-02 16:29 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2011-12-22 22:09 . 2012-01-02 16:29 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2011-12-22 22:09 . 2012-01-02 16:29 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2011-12-22 22:09 . 2012-01-02 16:29 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2011-12-21 00:02 . 2011-12-21 00:02 4448256 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-12-20 19:24 . 2011-12-20 19:24 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2011-12-20 19:21 . 2011-12-20 19:25 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-12-20 19:21 . 2011-12-20 19:25 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-12-20 19:21 . 2011-12-20 19:25 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-12-20 19:21 . 2011-12-20 19:25 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-12-06 14:55 . 2010-11-05 23:51 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-11-24 04:52 . 2011-12-13 18:51 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\athrx.sys
2011-11-23 13:15 . 2011-11-20 08:58 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-11-23 13:15 . 2011-12-08 21:03 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-11-23 13:15 . 2011-12-08 21:03 35648 ----a-w- c:\windows\system32\uxtuneup.dll
2011-11-23 13:15 . 2011-11-20 08:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-11-23 13:15 . 2011-11-20 08:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-11-17 16:11 . 2011-11-17 16:11 145424 ----a-w- c:\windows\system32\drivers\JME.sys
2011-11-15 13:29 . 2012-01-02 16:43 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-03-20 14:44 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-05 05:32 . 2011-12-13 18:52 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-13 18:52 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-08-16 2736128]
"CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2010-03-23 417280]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-11-05 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2011-04-02 472112]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\theo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [2011-12-9 5490512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-11-6 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-11-6 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [x]
R2 AFBAgent;AFBAgent; [x]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 253600]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
R3 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe [2010-12-20 50336]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2010-11-05 332272]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [x]
R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [x]
R4 ThreatFire;ThreatFire;c:\program files (x86)\Spyware Doctor\TFEngine\TFService.exe service [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 FileServe Toolbar Helper;FileServe Toolbar Helper;c:\program files (x86)\FileServe Toolbar\FileServeSvc.exe [2011-03-22 224256]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MTsensor64;PU ACPI UTILITY;c:\windows\system32\DRIVERS\PuAcpi64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 17:21]
.
2012-02-02 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-01-04 12:20]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-11-05 23:42 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://nl.woofi.info
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: buienradar.nl\www
TCP: DhcpNameServer = 192.168.1.1 62.179.104.196 213.46.228.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Voltooingstijd: 2012-02-02 21:13:55 - machine werd herstart
ComboFix-quarantined-files.txt 2012-02-02 20:13
.
Pre-Run: 55.237.201.920 bytes beschikbaar
Post-Run: 54.786.138.112 bytes beschikbaar
.
- - End Of File - - 17124A96C1BE25CB1F96626ACB3849D0

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:25:54, on 2-2-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Users\theo\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Startup: MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AWiCSrvc - Atheros Communications - C:\Program Files (x86)\Atheros\AWiCSrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileServe Toolbar Helper - Unknown owner - C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

--
End of file - 14367 bytes
 
ComboFix 12-01-30.02 - theo 02-02-2012 20:54:07.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3885.1942 [GMT 1:00]
Gestart vanuit: c:\users\theo\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\users\Public\Documents\NTIBUN5.dll
c:\users\Public\Documents\NTIJCMK5.dll
c:\users\Public\Documents\NTILiveUpdate.dll
c:\users\Public\Documents\NTIMMV8.dll
c:\users\Public\Documents\NTIMMV9P.dll
c:\users\theo\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-02 to 2012-02-02 ))))))))))))))))))))))))))))))
.
.
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-02 17:52 . 2012-02-02 20:08 -------- d-----w- c:\users\theo\AppData\Local\Temp
2012-02-01 21:36 . 2012-02-01 21:36 116016 ----a-w- c:\windows\system32\drivers\38391653.sys
2012-02-01 20:27 . 2012-02-01 20:27 116016 ----a-w- c:\windows\system32\drivers\65474527.sys
2012-01-31 20:49 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D121EE82-6FF5-4241-9E87-A29102CAC6DB}\mpengine.dll
2012-01-30 20:14 . 2012-01-30 20:14 -------- d-----w- c:\program files (x86)\AVG
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-01-29 15:36 . 2011-10-04 16:22 917840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65DD3A62-DBF6-4C11-91FB-2BED36BA32E5}\gapaengine.dll
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-28 23:31 . 2012-01-28 23:31 -------- d-----w- c:\users\theo\AppData\Local\uTorrent
2012-01-27 19:16 . 2012-01-27 19:16 -------- d-----w- c:\windows\system32\wbem\Logs
2012-01-26 19:00 . 2012-01-26 19:00 -------- d-----w- c:\users\theo\AppData\Local\Babylon
2012-01-26 18:59 . 2012-01-26 18:59 -------- d-----w- c:\users\theo\AppData\Roaming\Babylon
2012-01-26 18:59 . 2012-01-26 18:59 -------- d-----w- c:\programdata\Babylon
2012-01-26 18:59 . 2012-01-26 19:00 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2012-01-24 18:32 . 2012-01-24 18:32 -------- d-----w- c:\program files (x86)\Firetrust
2012-01-22 21:37 . 2012-01-24 19:12 -------- d-----w- c:\users\theo\AppData\Roaming\ImgBurn
2012-01-22 21:35 . 2012-01-22 21:35 -------- d-----w- c:\program files (x86)\ImgBurn
2012-01-22 18:45 . 2012-01-22 18:45 -------- d-----w- c:\programdata\ASUS
2012-01-22 14:26 . 2012-01-22 14:26 -------- d-----w- c:\program files\DIFX
2012-01-22 14:24 . 2009-06-04 21:44 15880 ----a-w- c:\windows\system32\drivers\PuAcpi64.sys
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\ParetoLogic
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\DriverCure
2012-01-22 08:40 . 2012-01-29 16:16 -------- d-----w- c:\programdata\ParetoLogic
2012-01-21 15:08 . 2012-01-21 16:10 -------- d-----w- c:\programdata\AVAST Software
2012-01-21 10:28 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-01-21 10:28 . 2012-02-01 17:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-21 10:28 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-16 18:16 . 2012-01-16 19:56 -------- d-----w- c:\program files (x86)\TomTom International B.V
2012-01-16 18:16 . 2012-01-16 18:16 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2012-01-14 13:18 . 2012-01-14 13:18 -------- d-----w- c:\users\theo\AppData\Local\Samsung
2012-01-14 13:17 . 2012-01-14 13:17 -------- d-----w- c:\users\theo\AppData\Roaming\Samsung
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-01-14 13:07 . 2011-12-08 04:22 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-01-14 13:07 . 2011-12-08 04:22 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2012-01-14 13:07 . 2011-12-08 04:22 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-01-14 13:07 . 2011-12-08 04:22 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-01-14 13:01 . 2012-01-29 15:33 -------- d-----w- c:\windows\system32\catroot2
2012-01-14 13:00 . 2011-12-23 19:58 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-01-14 13:00 . 2012-01-14 13:00 -------- d-----w- c:\program files (x86)\MarkAny
2012-01-14 13:00 . 2011-12-23 19:58 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\program files (x86)\Samsung
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\programdata\Samsung
2012-01-13 20:54 . 2012-01-13 20:54 -------- d-----w- c:\programdata\TomTom
2012-01-13 20:43 . 2009-05-16 00:15 16896 ----a-w- c:\windows\system32\drivers\UBHelper.sys
2012-01-13 20:43 . 2009-03-26 07:21 18432 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys
2012-01-12 18:59 . 2012-01-24 19:37 -------- d-----w- c:\programdata\Ocster Backup
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Local\Windows Live Writer
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Roaming\Windows Live Writer
2012-01-09 19:22 . 2012-01-09 19:22 -------- d-----w- c:\users\theo\Option
2012-01-09 19:18 . 2012-01-10 20:21 -------- d-----w- c:\programdata\BlazeVideo
2012-01-08 19:48 . 2012-01-08 19:54 -------- d-----w- c:\programdata\NTI Launcher
2012-01-08 19:46 . 2012-01-12 00:13 -------- d-----w- c:\program files (x86)\Common Files\muvee Technologies
2012-01-08 19:44 . 2012-01-11 21:10 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-08 19:42 . 2012-01-12 00:13 -------- d-----w- c:\programdata\InstallShield
2012-01-08 19:29 . 2012-01-13 20:37 -------- d-----w- c:\program files (x86)\Downloaded Installations
2012-01-07 17:21 . 2012-01-07 17:21 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-01-07 16:54 . 2012-01-08 08:59 2200 ----a-w- c:\windows\system32\ASOROSet.bin
2012-01-07 15:31 . 2012-01-28 17:48 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-07 14:14 . 2012-01-28 17:49 -------- d-----w- c:\programdata\Norton
2012-01-07 08:10 . 2012-01-12 00:13 -------- d-----w- c:\users\theo\AppData\Roaming\Systweak
2012-01-07 08:10 . 2011-11-19 10:52 18816 ----a-w- c:\windows\system32\roboot64.exe
2012-01-06 16:01 . 2012-01-29 19:17 -------- d--h--w- c:\programdata\MFAData
2012-01-06 11:30 . 2012-01-06 11:30 -------- d--h--w- c:\programdata\Malwarebytes
2012-01-06 10:49 . 2012-01-06 10:49 90192 ----a-w- c:\windows\system32\drivers\bdfndisf6.sys
2012-01-05 22:54 . 2012-01-05 22:54 -------- d-----w- c:\users\theo\AppData\Roaming\QuickScan
2012-01-05 22:53 . 2012-01-06 12:13 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-01-05 00:32 . 2012-01-05 00:32 53248 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-01-05 00:31 . 2012-01-05 00:31 -------- d-----w- c:\program files\Logitech
2012-01-05 00:29 . 2012-01-05 00:29 -------- d-----w- C:\Intel
2012-01-05 00:27 . 2012-01-07 16:49 -------- d--h--w- c:\programdata\DriverGenius
2012-01-05 00:09 . 2012-01-05 00:09 -------- d-----w- c:\program files (x86)\SpotLite
2012-01-04 20:51 . 2012-01-04 20:51 -------- d--h--w- c:\programdata\IncrediMail
2012-01-04 20:50 . 2012-01-04 20:50 -------- d--h--w- c:\programdata\IM
2012-01-04 20:22 . 2012-01-04 22:07 -------- d-----w- c:\programdata\Spotnet
2012-01-04 20:06 . 2012-01-07 17:03 -------- d-----w- c:\programdata\SpotGrit
2012-01-04 19:20 . 2012-01-05 00:31 -------- d--h--w- c:\programdata\Logishrd
2012-01-04 19:19 . 2012-01-04 19:19 -------- d--h--w- c:\programdata\Intel
2012-01-04 19:14 . 2012-01-04 19:14 -------- d--h--w- c:\programdata\Messenger Plus!
2012-01-04 18:51 . 2012-01-04 18:52 -------- d-----w- C:\ASUS.DAT
2012-01-04 09:42 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{841AA7E3-F349-42EB-9BE6-594C79D3338E}\mpengine.dll
2012-01-04 08:56 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 17:21 . 2011-05-18 19:05 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-03 17:48 . 2012-01-03 17:48 388096 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-03 11:23 . 2011-04-26 21:26 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2012-01-03 11:23 . 2012-01-03 11:23 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-12-26 18:11 . 2011-04-04 17:44 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-26 09:11 . 2011-04-04 20:35 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-23 19:58 . 2011-12-23 19:58 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-12-23 19:58 . 2011-12-23 19:58 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-12-23 19:58 . 2011-12-23 19:58 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-12-23 19:58 . 2011-12-23 19:58 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2011-12-23 19:58 . 2011-12-23 19:58 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2011-12-23 19:58 . 2011-12-23 19:58 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2011-12-23 19:58 . 2011-12-23 19:58 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2011-12-23 19:58 . 2011-12-23 19:58 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2011-12-23 19:58 . 2011-12-23 19:58 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2011-12-23 19:58 . 2011-12-23 19:58 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2011-12-23 19:58 . 2011-12-23 19:58 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2011-12-23 19:58 . 2011-12-23 19:58 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2011-12-23 19:58 . 2011-12-23 19:58 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2011-12-23 19:58 . 2011-12-23 19:58 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2011-12-23 19:58 . 2011-12-23 19:58 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2011-12-23 19:58 . 2011-12-23 19:58 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2011-12-22 22:09 . 2012-01-02 16:29 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2011-12-22 22:09 . 2012-01-02 16:29 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2011-12-22 22:09 . 2012-01-02 16:29 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2011-12-22 22:09 . 2012-01-02 16:29 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2011-12-21 00:02 . 2011-12-21 00:02 4448256 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-12-20 19:24 . 2011-12-20 19:24 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2011-12-20 19:21 . 2011-12-20 19:25 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-12-20 19:21 . 2011-12-20 19:25 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-12-20 19:21 . 2011-12-20 19:25 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-12-20 19:21 . 2011-12-20 19:25 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-12-06 14:55 . 2010-11-05 23:51 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-11-24 04:52 . 2011-12-13 18:51 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\athrx.sys
2011-11-23 13:15 . 2011-11-20 08:58 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-11-23 13:15 . 2011-12-08 21:03 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-11-23 13:15 . 2011-12-08 21:03 35648 ----a-w- c:\windows\system32\uxtuneup.dll
2011-11-23 13:15 . 2011-11-20 08:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-11-23 13:15 . 2011-11-20 08:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-11-17 16:11 . 2011-11-17 16:11 145424 ----a-w- c:\windows\system32\drivers\JME.sys
2011-11-15 13:29 . 2012-01-02 16:43 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-03-20 14:44 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-05 05:32 . 2011-12-13 18:52 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-13 18:52 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-08-16 2736128]
"CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2010-03-23 417280]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-11-05 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2011-04-02 472112]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\theo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [2011-12-9 5490512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-11-6 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-11-6 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [x]
R2 AFBAgent;AFBAgent; [x]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 253600]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
R3 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe [2010-12-20 50336]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2010-11-05 332272]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [x]
R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [x]
R4 ThreatFire;ThreatFire;c:\program files (x86)\Spyware Doctor\TFEngine\TFService.exe service [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 FileServe Toolbar Helper;FileServe Toolbar Helper;c:\program files (x86)\FileServe Toolbar\FileServeSvc.exe [2011-03-22 224256]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MTsensor64;PU ACPI UTILITY;c:\windows\system32\DRIVERS\PuAcpi64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 17:21]
.
2012-02-02 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-01-04 12:20]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2010-11-05 23:42 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://nl.woofi.info
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: buienradar.nl\www
TCP: DhcpNameServer = 192.168.1.1 62.179.104.196 213.46.228.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Voltooingstijd: 2012-02-02 21:13:55 - machine werd herstart
ComboFix-quarantined-files.txt 2012-02-02 20:13
.
Pre-Run: 55.237.201.920 bytes beschikbaar
Post-Run: 54.786.138.112 bytes beschikbaar
.
- - End Of File - - 17124A96C1BE25CB1F96626ACB3849D0
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:25:54, on 2-2-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Users\theo\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - Startup: MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AWiCSrvc - Atheros Communications - C:\Program Files (x86)\Atheros\AWiCSrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileServe Toolbar Helper - Unknown owner - C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

--
End of file - 14367 bytes
 
theeke, you did not run Combofix correctly.
Combofix must be run from the desktop.
Move Combofix to the desktop and run it again from there.
 
ComboFix 12-01-30.02 - theo 02-02-2012 21:47:23.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3885.2026 [GMT 1:00]
Gestart vanuit: c:\users\theo\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\Documents\NTILiveUpdate.dll
c:\users\theo\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-02 to 2012-02-02 ))))))))))))))))))))))))))))))
.
.
2012-02-02 20:57 . 2012-02-02 20:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-02-02 20:57 . 2012-02-02 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-02 20:34 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{56113083-6042-4DD8-AC9F-4273B1F85517}\mpengine.dll
2012-02-02 17:52 . 2012-02-02 21:00 -------- d-----w- c:\users\theo\AppData\Local\Temp
2012-02-01 21:36 . 2012-02-01 21:36 116016 ----a-w- c:\windows\system32\drivers\38391653.sys
2012-02-01 20:27 . 2012-02-01 20:27 116016 ----a-w- c:\windows\system32\drivers\65474527.sys
2012-01-30 20:14 . 2012-01-30 20:14 -------- d-----w- c:\program files (x86)\AVG
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-01-29 15:36 . 2011-10-04 16:22 917840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65DD3A62-DBF6-4C11-91FB-2BED36BA32E5}\gapaengine.dll
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-28 23:31 . 2012-01-28 23:31 -------- d-----w- c:\users\theo\AppData\Local\uTorrent
2012-01-27 19:16 . 2012-01-27 19:16 -------- d-----w- c:\windows\system32\wbem\Logs
2012-01-26 19:00 . 2012-01-26 19:00 -------- d-----w- c:\users\theo\AppData\Local\Babylon
2012-01-26 18:59 . 2012-01-26 18:59 -------- d-----w- c:\users\theo\AppData\Roaming\Babylon
2012-01-26 18:59 . 2012-01-26 19:00 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2012-01-24 18:32 . 2012-01-24 18:32 -------- d-----w- c:\program files (x86)\Firetrust
2012-01-22 21:37 . 2012-01-24 19:12 -------- d-----w- c:\users\theo\AppData\Roaming\ImgBurn
2012-01-22 21:35 . 2012-01-22 21:35 -------- d-----w- c:\program files (x86)\ImgBurn
2012-01-22 18:45 . 2012-01-22 18:45 -------- d-----w- c:\programdata\ASUS
2012-01-22 14:26 . 2012-01-22 14:26 -------- d-----w- c:\program files\DIFX
2012-01-22 14:24 . 2009-06-04 21:44 15880 ----a-w- c:\windows\system32\drivers\PuAcpi64.sys
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\ParetoLogic
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\DriverCure
2012-01-22 08:40 . 2012-01-29 16:16 -------- d-----w- c:\programdata\ParetoLogic
2012-01-21 10:28 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-01-21 10:28 . 2012-02-01 17:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-21 10:28 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-16 18:16 . 2012-01-16 19:56 -------- d-----w- c:\program files (x86)\TomTom International B.V
2012-01-16 18:16 . 2012-01-16 18:16 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2012-01-14 13:18 . 2012-01-14 13:18 -------- d-----w- c:\users\theo\AppData\Local\Samsung
2012-01-14 13:17 . 2012-01-14 13:17 -------- d-----w- c:\users\theo\AppData\Roaming\Samsung
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-01-14 13:07 . 2011-12-08 04:22 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-01-14 13:07 . 2011-12-08 04:22 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2012-01-14 13:07 . 2011-12-08 04:22 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-01-14 13:07 . 2011-12-08 04:22 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-01-14 13:01 . 2012-01-29 15:33 -------- d-----w- c:\windows\system32\catroot2
2012-01-14 13:00 . 2011-12-23 19:58 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-01-14 13:00 . 2012-01-14 13:00 -------- d-----w- c:\program files (x86)\MarkAny
2012-01-14 13:00 . 2011-12-23 19:58 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\program files (x86)\Samsung
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\programdata\Samsung
2012-01-13 20:54 . 2012-01-13 20:54 -------- d-----w- c:\programdata\TomTom
2012-01-13 20:43 . 2009-05-16 00:15 16896 ----a-w- c:\windows\system32\drivers\UBHelper.sys
2012-01-13 20:43 . 2009-03-26 07:21 18432 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Local\Windows Live Writer
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Roaming\Windows Live Writer
2012-01-09 19:22 . 2012-01-09 19:22 -------- d-----w- c:\users\theo\Option
2012-01-08 19:48 . 2012-01-08 19:54 -------- d-----w- c:\programdata\NTI Launcher
2012-01-08 19:46 . 2012-01-12 00:13 -------- d-----w- c:\program files (x86)\Common Files\muvee Technologies
2012-01-08 19:44 . 2012-01-11 21:10 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-08 19:42 . 2012-01-12 00:13 -------- d-----w- c:\programdata\InstallShield
2012-01-08 19:29 . 2012-01-13 20:37 -------- d-----w- c:\program files (x86)\Downloaded Installations
2012-01-07 17:21 . 2012-01-07 17:21 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-01-07 16:54 . 2012-01-08 08:59 2200 ----a-w- c:\windows\system32\ASOROSet.bin
2012-01-07 15:31 . 2012-01-28 17:48 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-07 08:10 . 2012-01-12 00:13 -------- d-----w- c:\users\theo\AppData\Roaming\Systweak
2012-01-07 08:10 . 2011-11-19 10:52 18816 ----a-w- c:\windows\system32\roboot64.exe
2012-01-06 16:01 . 2012-01-29 19:17 -------- d--h--w- c:\programdata\MFAData
2012-01-06 11:30 . 2012-01-06 11:30 -------- d--h--w- c:\programdata\Malwarebytes
2012-01-06 10:49 . 2012-01-06 10:49 90192 ----a-w- c:\windows\system32\drivers\bdfndisf6.sys
2012-01-05 22:54 . 2012-01-05 22:54 -------- d-----w- c:\users\theo\AppData\Roaming\QuickScan
2012-01-05 22:53 . 2012-01-06 12:13 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-01-05 00:32 . 2012-01-05 00:32 53248 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-01-05 00:31 . 2012-01-05 00:31 -------- d-----w- c:\program files\Logitech
2012-01-05 00:29 . 2012-01-05 00:29 -------- d-----w- C:\Intel
2012-01-05 00:27 . 2012-01-07 16:49 -------- d--h--w- c:\programdata\DriverGenius
2012-01-05 00:09 . 2012-01-05 00:09 -------- d-----w- c:\program files (x86)\SpotLite
2012-01-04 20:51 . 2012-01-04 20:51 -------- d--h--w- c:\programdata\IncrediMail
2012-01-04 20:50 . 2012-01-04 20:50 -------- d--h--w- c:\programdata\IM
2012-01-04 20:22 . 2012-01-04 22:07 -------- d-----w- c:\programdata\Spotnet
2012-01-04 20:06 . 2012-01-07 17:03 -------- d-----w- c:\programdata\SpotGrit
2012-01-04 19:20 . 2012-01-05 00:31 -------- d--h--w- c:\programdata\Logishrd
2012-01-04 19:19 . 2012-01-04 19:19 -------- d--h--w- c:\programdata\Intel
2012-01-04 19:14 . 2012-01-04 19:14 -------- d--h--w- c:\programdata\Messenger Plus!
2012-01-04 18:51 . 2012-01-04 18:52 -------- d-----w- C:\ASUS.DAT
2012-01-04 09:42 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{841AA7E3-F349-42EB-9BE6-594C79D3338E}\mpengine.dll
2012-01-04 08:56 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 17:21 . 2011-05-18 19:05 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-03 17:48 . 2012-01-03 17:48 388096 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-03 11:23 . 2011-04-26 21:26 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2012-01-03 11:23 . 2012-01-03 11:23 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-12-26 18:11 . 2011-04-04 17:44 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-26 09:11 . 2011-04-04 20:35 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-23 19:58 . 2011-12-23 19:58 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-12-23 19:58 . 2011-12-23 19:58 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-12-23 19:58 . 2011-12-23 19:58 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-12-23 19:58 . 2011-12-23 19:58 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2011-12-23 19:58 . 2011-12-23 19:58 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2011-12-23 19:58 . 2011-12-23 19:58 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2011-12-23 19:58 . 2011-12-23 19:58 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2011-12-23 19:58 . 2011-12-23 19:58 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2011-12-23 19:58 . 2011-12-23 19:58 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2011-12-23 19:58 . 2011-12-23 19:58 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2011-12-23 19:58 . 2011-12-23 19:58 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2011-12-23 19:58 . 2011-12-23 19:58 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2011-12-23 19:58 . 2011-12-23 19:58 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2011-12-23 19:58 . 2011-12-23 19:58 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2011-12-23 19:58 . 2011-12-23 19:58 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2011-12-23 19:58 . 2011-12-23 19:58 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2011-12-22 22:09 . 2012-01-02 16:29 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2011-12-22 22:09 . 2012-01-02 16:29 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2011-12-22 22:09 . 2012-01-02 16:29 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2011-12-22 22:09 . 2012-01-02 16:29 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2011-12-21 00:02 . 2011-12-21 00:02 4448256 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-12-20 19:24 . 2011-12-20 19:24 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2011-12-20 19:21 . 2011-12-20 19:25 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-12-20 19:21 . 2011-12-20 19:25 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-12-20 19:21 . 2011-12-20 19:25 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-12-20 19:21 . 2011-12-20 19:25 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-12-06 14:55 . 2010-11-05 23:51 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-11-24 04:52 . 2011-12-13 18:51 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\athrx.sys
2011-11-23 13:15 . 2011-11-20 08:58 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-11-23 13:15 . 2011-12-08 21:03 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-11-23 13:15 . 2011-12-08 21:03 35648 ----a-w- c:\windows\system32\uxtuneup.dll
2011-11-23 13:15 . 2011-11-20 08:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-11-23 13:15 . 2011-11-20 08:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-11-17 16:11 . 2011-11-17 16:11 145424 ----a-w- c:\windows\system32\drivers\JME.sys
2011-11-15 13:29 . 2012-01-02 16:43 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-03-20 14:44 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-05 05:32 . 2011-12-13 18:52 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-13 18:52 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-02_20.07.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-02-02 18:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-02-02 18:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-02 18:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-05 23:59 . 2012-02-02 21:01 95996 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-02-02 20:09 60246 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-02-02 21:01 60246 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-03-17 19:59 . 2012-02-02 21:01 29486 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1721353367-264211606-25166001-1001_UserData.bin
- 2011-03-18 03:48 . 2012-02-02 18:47 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-18 03:48 . 2012-02-02 20:28 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-18 03:48 . 2012-02-02 20:28 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-18 03:48 . 2012-02-02 18:47 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-02 18:47 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:28 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-02-02 20:06 . 2012-02-02 20:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-02 20:59 . 2012-02-02 20:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-02 20:06 . 2012-02-02 20:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-02 20:59 . 2012-02-02 20:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:12 . 2012-02-02 20:12 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-02-02 17:56 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-02-02 20:05 388468 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-02-02 20:58 388468 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-03-17 22:42 . 2012-02-02 20:05 18801664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1721353367-264211606-25166001-1001-8192.dat
+ 2011-03-17 22:42 . 2012-02-02 20:58 18801664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1721353367-264211606-25166001-1001-8192.dat
+ 2011-03-18 21:16 . 2012-02-02 20:58 22974110 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1721353367-264211606-25166001-1001-4096.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-08-16 2736128]
"CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2010-03-23 417280]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-11-05 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2011-04-02 472112]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\theo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [2011-12-9 5490512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-11-6 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-11-6 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [x]
R2 AFBAgent;AFBAgent; [x]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 253600]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
R3 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe [2010-12-20 50336]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [x]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [x]
R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [x]
R4 ThreatFire;ThreatFire;c:\program files (x86)\Spyware Doctor\TFEngine\TFService.exe service [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 FileServe Toolbar Helper;FileServe Toolbar Helper;c:\program files (x86)\FileServe Toolbar\FileServeSvc.exe [2011-03-22 224256]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MTsensor64;PU ACPI UTILITY;c:\windows\system32\DRIVERS\PuAcpi64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 17:21]
.
2012-02-02 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-01-04 12:20]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://nl.woofi.info
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: buienradar.nl\www
TCP: DhcpNameServer = 192.168.1.1 62.179.104.196 213.46.228.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
BHO-{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - c:\programdata\Partner\Partner64.dll
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Voltooingstijd: 2012-02-02 22:06:03 - machine werd herstart
ComboFix-quarantined-files.txt 2012-02-02 21:06
.
Pre-Run: 54.638.211.072 bytes beschikbaar
Post-Run: 54.588.682.240 bytes beschikbaar
.
- - End Of File - - 15BB6D3E252D9DE4C720FCCD2ACB81C3

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:14:50, on 2-2-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_160_ActiveX.exe
C:\Users\theo\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AWiCSrvc - Atheros Communications - C:\Program Files (x86)\Atheros\AWiCSrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileServe Toolbar Helper - Unknown owner - C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

--
End of file - 15878 bytes
 
ComboFix 12-01-30.02 - theo 02-02-2012 21:47:23.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3885.2026 [GMT 1:00]
Gestart vanuit: c:\users\theo\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\Documents\NTILiveUpdate.dll
c:\users\theo\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-02 to 2012-02-02 ))))))))))))))))))))))))))))))
.
.
2012-02-02 20:57 . 2012-02-02 20:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-02-02 20:57 . 2012-02-02 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-02 20:34 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{56113083-6042-4DD8-AC9F-4273B1F85517}\mpengine.dll
2012-02-02 17:52 . 2012-02-02 21:00 -------- d-----w- c:\users\theo\AppData\Local\Temp
2012-02-01 21:36 . 2012-02-01 21:36 116016 ----a-w- c:\windows\system32\drivers\38391653.sys
2012-02-01 20:27 . 2012-02-01 20:27 116016 ----a-w- c:\windows\system32\drivers\65474527.sys
2012-01-30 20:14 . 2012-01-30 20:14 -------- d-----w- c:\program files (x86)\AVG
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2012-01-29 16:16 . 2012-01-29 16:16 -------- d-----w- c:\program files (x86)\ParetoLogic
2012-01-29 15:36 . 2011-10-04 16:22 917840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65DD3A62-DBF6-4C11-91FB-2BED36BA32E5}\gapaengine.dll
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-01-29 15:33 . 2012-01-29 15:33 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-28 23:31 . 2012-01-28 23:31 -------- d-----w- c:\users\theo\AppData\Local\uTorrent
2012-01-27 19:16 . 2012-01-27 19:16 -------- d-----w- c:\windows\system32\wbem\Logs
2012-01-26 19:00 . 2012-01-26 19:00 -------- d-----w- c:\users\theo\AppData\Local\Babylon
2012-01-26 18:59 . 2012-01-26 18:59 -------- d-----w- c:\users\theo\AppData\Roaming\Babylon
2012-01-26 18:59 . 2012-01-26 19:00 -------- d-----w- c:\program files (x86)\Your Uninstaller! 7
2012-01-24 18:32 . 2012-01-24 18:32 -------- d-----w- c:\program files (x86)\Firetrust
2012-01-22 21:37 . 2012-01-24 19:12 -------- d-----w- c:\users\theo\AppData\Roaming\ImgBurn
2012-01-22 21:35 . 2012-01-22 21:35 -------- d-----w- c:\program files (x86)\ImgBurn
2012-01-22 18:45 . 2012-01-22 18:45 -------- d-----w- c:\programdata\ASUS
2012-01-22 14:26 . 2012-01-22 14:26 -------- d-----w- c:\program files\DIFX
2012-01-22 14:24 . 2009-06-04 21:44 15880 ----a-w- c:\windows\system32\drivers\PuAcpi64.sys
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\ParetoLogic
2012-01-22 08:40 . 2012-01-22 08:40 -------- d-----w- c:\users\theo\AppData\Roaming\DriverCure
2012-01-22 08:40 . 2012-01-29 16:16 -------- d-----w- c:\programdata\ParetoLogic
2012-01-21 10:28 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-01-21 10:28 . 2012-02-01 17:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-21 10:28 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-16 18:16 . 2012-01-16 19:56 -------- d-----w- c:\program files (x86)\TomTom International B.V
2012-01-16 18:16 . 2012-01-16 18:16 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2012-01-14 13:18 . 2012-01-14 13:18 -------- d-----w- c:\users\theo\AppData\Local\Samsung
2012-01-14 13:17 . 2012-01-14 13:17 -------- d-----w- c:\users\theo\AppData\Roaming\Samsung
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 1917416 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2012-01-14 13:07 . 2011-12-08 04:22 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-01-14 13:07 . 2011-12-08 04:22 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-01-14 13:07 . 2011-12-08 04:22 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13800 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-01-14 13:07 . 2011-12-08 04:22 13288 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2012-01-14 13:07 . 2011-12-08 04:22 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-01-14 13:07 . 2011-12-08 04:22 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-01-14 13:01 . 2012-01-29 15:33 -------- d-----w- c:\windows\system32\catroot2
2012-01-14 13:00 . 2011-12-23 19:58 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-01-14 13:00 . 2012-01-14 13:00 -------- d-----w- c:\program files (x86)\MarkAny
2012-01-14 13:00 . 2011-12-23 19:58 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\program files (x86)\Samsung
2012-01-14 12:59 . 2012-01-14 13:01 -------- d-----w- c:\programdata\Samsung
2012-01-13 20:54 . 2012-01-13 20:54 -------- d-----w- c:\programdata\TomTom
2012-01-13 20:43 . 2009-05-16 00:15 16896 ----a-w- c:\windows\system32\drivers\UBHelper.sys
2012-01-13 20:43 . 2009-03-26 07:21 18432 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Local\Windows Live Writer
2012-01-11 20:01 . 2012-01-11 20:01 -------- d-----w- c:\users\theo\AppData\Roaming\Windows Live Writer
2012-01-09 19:22 . 2012-01-09 19:22 -------- d-----w- c:\users\theo\Option
2012-01-08 19:48 . 2012-01-08 19:54 -------- d-----w- c:\programdata\NTI Launcher
2012-01-08 19:46 . 2012-01-12 00:13 -------- d-----w- c:\program files (x86)\Common Files\muvee Technologies
2012-01-08 19:44 . 2012-01-11 21:10 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-08 19:42 . 2012-01-12 00:13 -------- d-----w- c:\programdata\InstallShield
2012-01-08 19:29 . 2012-01-13 20:37 -------- d-----w- c:\program files (x86)\Downloaded Installations
2012-01-07 17:21 . 2012-01-07 17:21 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-01-07 16:54 . 2012-01-08 08:59 2200 ----a-w- c:\windows\system32\ASOROSet.bin
2012-01-07 15:31 . 2012-01-28 17:48 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-07 08:10 . 2012-01-12 00:13 -------- d-----w- c:\users\theo\AppData\Roaming\Systweak
2012-01-07 08:10 . 2011-11-19 10:52 18816 ----a-w- c:\windows\system32\roboot64.exe
2012-01-06 16:01 . 2012-01-29 19:17 -------- d--h--w- c:\programdata\MFAData
2012-01-06 11:30 . 2012-01-06 11:30 -------- d--h--w- c:\programdata\Malwarebytes
2012-01-06 10:49 . 2012-01-06 10:49 90192 ----a-w- c:\windows\system32\drivers\bdfndisf6.sys
2012-01-05 22:54 . 2012-01-05 22:54 -------- d-----w- c:\users\theo\AppData\Roaming\QuickScan
2012-01-05 22:53 . 2012-01-06 12:13 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-01-05 00:32 . 2012-01-05 00:32 53248 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-01-05 00:31 . 2012-01-05 00:31 -------- d-----w- c:\program files\Logitech
2012-01-05 00:29 . 2012-01-05 00:29 -------- d-----w- C:\Intel
2012-01-05 00:27 . 2012-01-07 16:49 -------- d--h--w- c:\programdata\DriverGenius
2012-01-05 00:09 . 2012-01-05 00:09 -------- d-----w- c:\program files (x86)\SpotLite
2012-01-04 20:51 . 2012-01-04 20:51 -------- d--h--w- c:\programdata\IncrediMail
2012-01-04 20:50 . 2012-01-04 20:50 -------- d--h--w- c:\programdata\IM
2012-01-04 20:22 . 2012-01-04 22:07 -------- d-----w- c:\programdata\Spotnet
2012-01-04 20:06 . 2012-01-07 17:03 -------- d-----w- c:\programdata\SpotGrit
2012-01-04 19:20 . 2012-01-05 00:31 -------- d--h--w- c:\programdata\Logishrd
2012-01-04 19:19 . 2012-01-04 19:19 -------- d--h--w- c:\programdata\Intel
2012-01-04 19:14 . 2012-01-04 19:14 -------- d--h--w- c:\programdata\Messenger Plus!
2012-01-04 18:51 . 2012-01-04 18:52 -------- d-----w- C:\ASUS.DAT
2012-01-04 09:42 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{841AA7E3-F349-42EB-9BE6-594C79D3338E}\mpengine.dll
2012-01-04 08:56 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-07 17:21 . 2011-05-18 19:05 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-03 17:48 . 2012-01-03 17:48 388096 ----a-r- c:\users\theo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-03 11:23 . 2011-04-26 21:26 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2012-01-03 11:23 . 2012-01-03 11:23 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-12-26 18:11 . 2011-04-04 17:44 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-26 09:11 . 2011-04-04 20:35 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-23 19:58 . 2011-12-23 19:58 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-12-23 19:58 . 2011-12-23 19:58 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-12-23 19:58 . 2011-12-23 19:58 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-12-23 19:58 . 2011-12-23 19:58 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2011-12-23 19:58 . 2011-12-23 19:58 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2011-12-23 19:58 . 2011-12-23 19:58 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2011-12-23 19:58 . 2011-12-23 19:58 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2011-12-23 19:58 . 2011-12-23 19:58 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2011-12-23 19:58 . 2011-12-23 19:58 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2011-12-23 19:58 . 2011-12-23 19:58 40960 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2011-12-23 19:58 . 2011-12-23 19:58 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2011-12-23 19:58 . 2011-12-23 19:58 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2011-12-23 19:58 . 2011-12-23 19:58 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2011-12-23 19:58 . 2011-12-23 19:58 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2011-12-23 19:58 . 2011-12-23 19:58 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2011-12-23 19:58 . 2011-12-23 19:58 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2011-12-23 19:58 . 2011-12-23 19:58 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2011-12-23 19:58 . 2011-12-23 19:58 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2011-12-23 19:58 . 2011-12-23 19:58 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2011-12-23 19:58 . 2011-12-23 19:58 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2011-12-23 19:58 . 2011-12-23 19:58 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2011-12-22 22:09 . 2012-01-02 16:29 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
2011-12-22 22:09 . 2012-01-02 16:29 51336 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
2011-12-22 22:09 . 2012-01-02 16:29 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys
2011-12-22 22:09 . 2012-01-02 16:29 57480 ----a-w- c:\windows\system32\drivers\eubakup.sys
2011-12-21 00:02 . 2011-12-21 00:02 4448256 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-12-20 19:24 . 2011-12-20 19:24 56 ----a-w- c:\windows\system32\SupportTool.exe.bat
2011-12-20 19:21 . 2011-12-20 19:25 105744 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2011-12-20 19:21 . 2011-12-20 19:25 91920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2011-12-20 19:21 . 2011-12-20 19:25 70928 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2011-12-20 19:21 . 2011-12-20 19:25 167696 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-12-06 14:55 . 2010-11-05 23:51 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-11-24 04:52 . 2011-12-13 18:51 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-11-23 14:13 . 2011-09-10 10:50 2796544 ----a-w- c:\windows\system32\athrx.sys
2011-11-23 13:15 . 2011-11-20 08:58 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-11-23 13:15 . 2011-12-08 21:03 28992 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-11-23 13:15 . 2011-12-08 21:03 35648 ----a-w- c:\windows\system32\uxtuneup.dll
2011-11-23 13:15 . 2011-11-20 08:57 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-11-23 13:15 . 2011-11-20 08:57 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-11-17 16:11 . 2011-11-17 16:11 145424 ----a-w- c:\windows\system32\drivers\JME.sys
2011-11-15 13:29 . 2012-01-02 16:43 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 04:54 . 2011-03-20 14:44 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-05 05:32 . 2011-12-13 18:52 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-13 18:52 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-02_20.07.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-02-02 18:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-02-02 18:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-02 18:20 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-05 23:59 . 2012-02-02 21:01 95996 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-02-02 20:09 60246 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-02-02 21:01 60246 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-03-17 19:59 . 2012-02-02 21:01 29486 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1721353367-264211606-25166001-1001_UserData.bin
- 2011-03-18 03:48 . 2012-02-02 18:47 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-18 03:48 . 2012-02-02 20:28 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-18 03:48 . 2012-02-02 20:28 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-18 03:48 . 2012-02-02 18:47 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-02 18:47 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-02 20:28 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-02-02 20:06 . 2012-02-02 20:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-02 20:59 . 2012-02-02 20:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-02 20:06 . 2012-02-02 20:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-02 20:59 . 2012-02-02 20:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:12 . 2012-02-02 20:12 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-02-02 17:56 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-02-02 20:05 388468 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-02-02 20:58 388468 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-03-17 22:42 . 2012-02-02 20:05 18801664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1721353367-264211606-25166001-1001-8192.dat
+ 2011-03-17 22:42 . 2012-02-02 20:58 18801664 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1721353367-264211606-25166001-1001-8192.dat
+ 2011-03-18 21:16 . 2012-02-02 20:58 22974110 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1721353367-264211606-25166001-1001-4096.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-08-16 2736128]
"CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2010-03-23 417280]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-11-05 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2011-04-02 472112]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\theo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [2011-12-9 5490512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-11-6 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-11-6 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [x]
R2 AFBAgent;AFBAgent; [x]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 253600]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
R3 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe [2010-12-20 50336]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [x]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys [x]
R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [x]
R4 ThreatFire;ThreatFire;c:\program files (x86)\Spyware Doctor\TFEngine\TFService.exe service [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 FileServe Toolbar Helper;FileServe Toolbar Helper;c:\program files (x86)\FileServe Toolbar\FileServeSvc.exe [2011-03-22 224256]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MTsensor64;PU ACPI UTILITY;c:\windows\system32\DRIVERS\PuAcpi64.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 11:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-07 17:21]
.
2012-02-02 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-01-04 12:20]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-01-29 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:17]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor Defrag.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
2012-01-29 c:\windows\Tasks\PC Health Advisor.job
- c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-29 16:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 416024]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://nl.woofi.info
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: buienradar.nl\www
TCP: DhcpNameServer = 192.168.1.1 62.179.104.196 213.46.228.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
BHO-{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - c:\programdata\Partner\Partner64.dll
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Voltooingstijd: 2012-02-02 22:06:03 - machine werd herstart
ComboFix-quarantined-files.txt 2012-02-02 21:06
.
Pre-Run: 54.638.211.072 bytes beschikbaar
Post-Run: 54.588.682.240 bytes beschikbaar
.
- - End Of File - - 15BB6D3E252D9DE4C720FCCD2ACB81C3

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:14:50, on 2-2-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_160_ActiveX.exe
C:\Users\theo\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1721353367-264211606-25166001-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Unknown owner - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AWiCSrvc - Atheros Communications - C:\Program Files (x86)\Atheros\AWiCSrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileServe Toolbar Helper - Unknown owner - C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

--
End of file - 15878 bytes
 
Combofix removed a few things.
A quick question. Everyone does what they want with their own computer. In the logs I see a few programs that I personally would not like to have on my computer, such as Messenger Plus!
MailWasher Pro, did you pay for this?

Now do the following.
Go to Start > Run and enter: Combofix /Uninstall (don't forget the space between Combofix and /Uninstall).
This will remove Combofix from the computer.

To prevent a new infection, go and read the useful tips here.
 
You're welcome.
I will close the topic with this. Should any problems still come up, send a message to me or one of the Admins to have the topic reopened.
 
Code:
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421
Run by theo at 20:47:28 on 2012-02-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.3885.1858 [GMT 1:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Program Files (x86)\FileServe Toolbar\FileServeVideoToMp3.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://nl.woofi.info
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\Partner.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
uRun: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
mRun: [TaskTray] 
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
mRun: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\theo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAILWA~1.LNK - C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: buienradar.nl\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 62.179.104.196 213.46.228.196
TCP: Interfaces\{D0C39DFC-B4E8-4587-8254-20A14671EA7C} : DhcpNameServer = 192.168.1.1 62.179.104.196 213.46.228.196
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
mRun-x64: [TaskTray] 
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun-x64: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
mRun-x64: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 TfFsMon;TfFsMon;C:\Windows\system32\drivers\TfFsMon.sys --> C:\Windows\system32\drivers\TfFsMon.sys [?]
R0 TfSysMon;TfSysMon;C:\Windows\system32\drivers\TfSysMon.sys --> C:\Windows\system32\drivers\TfSysMon.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 pctgntdi;pctgntdi;\??\C:\Windows\system32\drivers\pctgntdi64.sys --> C:\Windows\system32\drivers\pctgntdi64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 FileServe Toolbar Helper;FileServe Toolbar Helper;C:\Program Files (x86)\FileServe Toolbar\FileServeSvc.exe [2011-3-22 224256]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13592]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-4 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-6 2255464]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-8-12 87040]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-3-15 428384]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-1-18 737184]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-1-23 92592]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-6 2314240]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-11-28 73728]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MTsensor64;PU ACPI UTILITY;C:\Windows\system32\DRIVERS\PuAcpi64.sys --> C:\Windows\system32\DRIVERS\PuAcpi64.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe --> C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [?]
S2 AFBAgent;AFBAgent; [x]
S2 Amsp;Trend Micro Solution Platform;"C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad --> C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe" --> C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-1-7 253600]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 AWiCSrvc;AWiCSrvc;C:\Program Files (x86)\Atheros\AWiCSrvc.exe [2011-5-26 50336]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-11-6 332272]
S3 pctplsg;pctplsg;\??\C:\Windows\System32\drivers\pctplsg64.sys --> C:\Windows\System32\drivers\pctplsg64.sys [?]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe --> C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe [?]
S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe --> C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]
S3 TfNetMon;TfNetMon;\??\C:\Windows\system32\drivers\TfNetMon.sys --> C:\Windows\system32\drivers\TfNetMon.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 Browser Defender Update Service;Browser Defender Update Service;"C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe" --> C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [?]
S4 ThreatFire;ThreatFire;C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe service --> C:\Program Files (x86)\Spyware Doctor\TFEngine\TFService.exe service [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-05 17:44:00	69000	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{841AA7E3-F349-42EB-9BE6-594C79D3338E}\offreg.dll
2012-02-05 17:32:11	--------	d-----w-	C:\Windows\pss
2012-02-05 15:20:01	--------	d-----w-	C:\Program Files (x86)\AVG
2012-02-05 09:15:20	--------	d-----w-	C:\Program Files (x86)\x86
2012-02-05 09:15:16	--------	d-----w-	C:\Program Files (x86)\Drivers
2012-02-05 09:15:15	--------	d-----w-	C:\Program Files (x86)\APPDATADIR
2012-02-05 08:49:39	--------	d-----w-	C:\Users\theo\AppData\Local\{456FB51E-3F43-478B-B265-1965B36CCED7}
2012-02-05 08:49:28	--------	d-----w-	C:\Users\theo\AppData\Local\{38A1C548-4ABA-4C32-B6B2-A8F724A16D0C}
2012-02-04 20:48:59	--------	d-----w-	C:\Users\theo\AppData\Local\{26BF9D2F-4C2E-4E9C-BAD3-CA1E9081F97C}
2012-02-04 20:48:47	--------	d-----w-	C:\Users\theo\AppData\Local\{42B97F6A-010D-4BE0-96F8-4C0E83902C9C}
2012-02-04 20:28:44	--------	d-----w-	C:\Intel
2012-02-04 20:27:36	53248	----a-r-	C:\Users\theo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-02-04 20:11:25	--------	d-----w-	C:\ProgramData\Comodo
2012-02-04 20:00:33	--------	d-----w-	C:\Users\theo\AppData\Local\Comodo
2012-02-04 19:53:38	--------	d-----w-	C:\ProgramData\CPA_VA
2012-02-04 19:45:18	1700352	----a-w-	C:\Windows\SysWow64\gdiplus.dll
2012-02-04 19:45:18	1060864	----a-w-	C:\Windows\SysWow64\mfc71.dll
2012-02-04 16:20:20	32704	----a-w-	C:\Users\theo\AppData\Roaming\mdbu.bin
2012-02-04 15:11:00	--------	d-----w-	C:\Windows\Profiles
2012-02-04 10:17:40	--------	d-----w-	C:\ProgramData\AVAST Software
2012-02-04 08:50:29	--------	d-----w-	C:\Program Files (x86)\uTorrent
2012-02-04 08:46:56	--------	d-----w-	C:\Users\theo\AppData\Local\{5AC682A3-D90E-4C7C-84A5-DB9C9F72ACE2}
2012-02-04 08:46:44	--------	d-----w-	C:\Users\theo\AppData\Local\{D6734304-B999-4FC1-8980-04639834F36D}
2012-02-04 08:41:49	14232	----a-w-	C:\Windows\SysWow64\sh4native.exe
2012-02-04 08:13:36	--------	d-----w-	C:\Users\theo\AppData\Local\Temp
2012-02-03 21:43:28	110080	----a-r-	C:\Users\theo\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconF7A21AF7.exe
2012-02-03 21:43:28	110080	----a-r-	C:\Users\theo\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconD7F16134.exe
2012-02-03 21:43:28	110080	----a-r-	C:\Users\theo\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconCF33A0CE.exe
2012-02-03 21:43:25	--------	d-----w-	C:\Program Files (x86)\Enigma Software Group
2012-02-03 21:41:03	--------	d-----w-	C:\Windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-02-03 21:10:08	200976	----a-w-	C:\Windows\SysWow64\drivers\tmcomm.sys
2012-02-03 18:53:44	--------	d-----w-	C:\Users\theo\AppData\Local\{7B9684CB-E380-4200-AA08-C47330DB400A}
2012-02-03 18:53:33	--------	d-----w-	C:\Users\theo\AppData\Local\{2ADC883B-9367-49B3-923F-CDF4254D4A3F}
2012-02-03 06:58:11	--------	d-----w-	C:\Windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-02-03 06:58:08	--------	d-----w-	C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-02-03 06:53:00	--------	d-----w-	C:\Users\theo\AppData\Local\{5F5A3478-1CA0-48E7-9A75-1AEE62340317}
2012-02-03 06:52:48	--------	d-----w-	C:\Users\theo\AppData\Local\{F03398EB-4269-403D-97E7-0074FEA29FFE}
2012-02-03 06:43:51	--------	d-----w-	C:\Users\theo\AppData\Local\{2D2F3F60-7832-4116-9327-C5CEB0F7A871}
2012-02-03 06:43:39	--------	d-----w-	C:\Users\theo\AppData\Local\{54BAF116-3DC0-45B4-8EDC-BE333DD22134}
2012-02-02 17:55:17	--------	d-----w-	C:\Users\theo\AppData\Local\{F4680F59-A0CA-425E-8CD2-FCF84F7C5512}
2012-02-02 17:55:05	--------	d-----w-	C:\Users\theo\AppData\Local\{685EB65D-BB76-4B65-8204-FB685BB7193A}
2012-02-01 18:03:13	--------	d-----w-	C:\Users\theo\AppData\Local\{B91A2641-C81A-4478-95A3-F418B345B181}
2012-02-01 18:03:02	--------	d-----w-	C:\Users\theo\AppData\Local\{7B54A73D-39FF-4676-BD13-116A2EC404E8}
2012-01-31 18:59:49	--------	d-----w-	C:\Users\theo\AppData\Local\{0C05B79A-5616-4216-AFE8-B6510C2CE3DC}
2012-01-31 18:59:38	--------	d-----w-	C:\Users\theo\AppData\Local\{271681B9-8E2B-42DF-A882-A1D5E9208DEF}
2012-01-30 18:46:50	--------	d-----w-	C:\Users\theo\AppData\Local\{3DE8D6DE-0113-45D2-A674-1D281A30F53C}
2012-01-30 18:46:39	--------	d-----w-	C:\Users\theo\AppData\Local\{D0F014B6-5CCF-4511-AAF6-EDFFED45AEDC}
2012-01-29 16:16:16	--------	d-----w-	C:\Program Files (x86)\Common Files\ParetoLogic
2012-01-29 16:16:12	--------	d-----w-	C:\Program Files (x86)\ParetoLogic
2012-01-29 13:42:23	--------	d-----w-	C:\Users\theo\AppData\Local\{221BFEC2-794A-494B-9589-887F412258E0}
2012-01-29 13:42:11	--------	d-----w-	C:\Users\theo\AppData\Local\{675B63D7-4B05-4019-8D2C-97F3F1A49E4D}
2012-01-28 23:31:58	--------	d-----w-	C:\Users\theo\AppData\Local\uTorrent
2012-01-28 22:56:26	--------	d-----w-	C:\Users\theo\AppData\Local\{3156DA13-680B-4332-97A7-7F5740ED2421}
2012-01-28 22:56:14	--------	d-----w-	C:\Users\theo\AppData\Local\{1987A57E-4D5A-47BD-941A-91B02741C021}
2012-01-28 08:16:57	--------	d-----w-	C:\Users\theo\AppData\Local\{50BF5387-3BF8-4151-A6A3-2E2C1C5F209E}
2012-01-28 08:16:45	--------	d-----w-	C:\Users\theo\AppData\Local\{7359AD31-CCE9-461A-B044-E6262E65B84A}
2012-01-27 19:16:41	--------	d-----w-	C:\Windows\System32\wbem\Logs
2012-01-27 18:12:29	--------	d-----w-	C:\Users\theo\AppData\Local\{0D7D0253-1BE7-47DC-9311-8C781086F185}
2012-01-27 18:12:15	--------	d-----w-	C:\Users\theo\AppData\Local\{32D679B4-53B0-4F06-A0B8-79C7D9E7C985}
2012-01-26 19:00:00	--------	d-----w-	C:\Users\theo\AppData\Local\Babylon
2012-01-26 18:59:58	--------	d-----w-	C:\Users\theo\AppData\Roaming\Babylon
2012-01-26 16:19:11	--------	d-----w-	C:\Users\theo\AppData\Local\{D308063D-1986-4FC0-8C85-1B1C6D93BB12}
2012-01-26 16:19:00	--------	d-----w-	C:\Users\theo\AppData\Local\{D350D851-199E-4EB0-96A0-CD71E0100FDC}
2012-01-25 18:12:57	--------	d-----w-	C:\Users\theo\AppData\Local\{57A08078-6D19-4FE2-8DFB-43BF6D2CDE21}
2012-01-25 18:12:38	--------	d-----w-	C:\Users\theo\AppData\Local\{06107DF7-EE12-4B80-BE99-1CBD9C0505B5}
2012-01-24 18:32:56	--------	d-----w-	C:\Program Files (x86)\Firetrust
2012-01-24 18:08:09	--------	d-----w-	C:\Users\theo\AppData\Local\{79BCD92D-317F-4204-99A7-5FC3C029143A}
2012-01-24 18:07:54	--------	d-----w-	C:\Users\theo\AppData\Local\{48B89403-10C4-4BAA-92C7-3DAD854FACB9}
2012-01-23 18:56:50	--------	d-----w-	C:\Users\theo\AppData\Local\{DDA08424-DFA9-4DFB-BAB7-B4A6B0CA0E25}
2012-01-23 18:56:36	--------	d-----w-	C:\Users\theo\AppData\Local\{15D62830-659F-4ABE-83D5-76AFB70D64D8}
2012-01-22 18:45:13	--------	d-----w-	C:\ProgramData\ASUS
2012-01-22 14:24:54	15880	----a-w-	C:\Windows\System32\drivers\PuAcpi64.sys
2012-01-22 13:45:31	--------	d-----w-	C:\Users\theo\AppData\Local\{0A8538A4-F548-4372-8C9E-498B4A51F9A8}
2012-01-22 13:45:15	--------	d-----w-	C:\Users\theo\AppData\Local\{876A08A1-27FA-41CF-BE4C-F4DD07AF5759}
2012-01-22 08:40:17	--------	d-----w-	C:\Users\theo\AppData\Roaming\ParetoLogic
2012-01-22 08:40:17	--------	d-----w-	C:\Users\theo\AppData\Roaming\DriverCure
2012-01-22 08:40:07	--------	d--h--w-	C:\ProgramData\ParetoLogic
2012-01-21 23:15:19	--------	d-----w-	C:\Users\theo\AppData\Local\{67EDE615-F8B6-4A68-9E2C-8D50042CC53C}
2012-01-21 23:15:08	--------	d-----w-	C:\Users\theo\AppData\Local\{0B454181-4D21-4BFF-8D38-002A77B73A68}
2012-01-21 10:28:41	41272	----a-w-	C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2012-01-21 10:28:35	23152	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-01-21 10:28:35	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-21 09:40:13	--------	d-----w-	C:\Users\theo\AppData\Local\{738B26C3-8F36-4ECE-88D2-29FE52FB4F93}
2012-01-21 09:40:00	--------	d-----w-	C:\Users\theo\AppData\Local\{0FB12D15-49E2-462F-A29E-B4B3C69FE161}
2012-01-20 18:16:37	--------	d-----w-	C:\Users\theo\AppData\Local\{A03E00DD-359B-4931-B012-043D6928CE94}
2012-01-20 18:16:22	--------	d-----w-	C:\Users\theo\AppData\Local\{64CD7399-9A0F-4C5F-9DC1-7E1A2C9E4F2D}
2012-01-19 18:08:28	--------	d-----w-	C:\Users\theo\AppData\Local\{9B0AC623-68BB-44CC-B0CB-9E0E6F452EA3}
2012-01-19 18:08:14	--------	d-----w-	C:\Users\theo\AppData\Local\{C71EA3C7-C5E3-457E-BC5D-A277C574E39D}
2012-01-18 21:55:58	--------	d-----w-	C:\Users\theo\AppData\Local\{01631F1C-CC0C-479A-B033-DD827D00B783}
2012-01-18 21:55:45	--------	d-----w-	C:\Users\theo\AppData\Local\{C3CCB702-CF48-4C0A-8F4D-68670F70B2C6}
2012-01-17 18:15:56	--------	d-----w-	C:\Users\theo\AppData\Local\{BF32F1F2-7BB3-4467-800E-ABA254A39ABF}
2012-01-17 18:15:36	--------	d-----w-	C:\Users\theo\AppData\Local\{924D4452-5794-4943-9F5C-60FB48BAB4A5}
2012-01-16 18:16:57	--------	d-----w-	C:\Program Files (x86)\TomTom International B.V
2012-01-16 18:16:42	--------	d-----w-	C:\Program Files (x86)\TomTom HOME 2
2012-01-16 18:05:38	--------	d-----w-	C:\Users\theo\AppData\Local\{7AB58E8B-18B1-4E4C-95C5-A9CD8EB36960}
2012-01-16 18:05:25	--------	d-----w-	C:\Users\theo\AppData\Local\{697E1525-38A2-4813-BCBE-A4F6856F516B}
2012-01-15 20:43:28	--------	d-----w-	C:\Users\theo\AppData\Local\{E0A0B2F3-9D70-46E2-89D4-DD4CE0296352}
2012-01-15 20:43:16	--------	d-----w-	C:\Users\theo\AppData\Local\{4CEEFBD8-CAA0-4673-91A3-C0675A97EA8B}
2012-01-15 08:31:39	--------	d-----w-	C:\Users\theo\AppData\Local\{1DCF2DE3-908B-41D1-B4A4-EB8FC44E47C0}
2012-01-15 08:31:28	--------	d-----w-	C:\Users\theo\AppData\Local\{079A78FD-1DC5-4D64-9D5B-42CAA5B42D42}
2012-01-14 20:31:01	--------	d-----w-	C:\Users\theo\AppData\Local\{D3363C46-CAB8-4AF6-ACE0-61979BBC28A2}
2012-01-14 20:30:49	--------	d-----w-	C:\Users\theo\AppData\Local\{964FC719-07BF-4C08-A215-D6D5C66DBB89}
2012-01-14 13:18:17	--------	d-----w-	C:\Users\theo\AppData\Local\Samsung
2012-01-14 13:17:57	--------	d-----w-	C:\Users\theo\AppData\Roaming\Samsung
2012-01-14 13:07:44	1917416	----a-w-	C:\Windows\System32\WdfCoInstaller01005.dll
2012-01-14 13:07:44	1917416	----a-w-	C:\Windows\System32\drivers\WdfCoInstaller01005.dll
2012-01-14 13:07:44	177640	----a-w-	C:\Windows\System32\drivers\ssadmdm.sys
2012-01-14 13:07:44	16872	----a-w-	C:\Windows\System32\drivers\ssadmdfl.sys
2012-01-14 13:07:44	157672	----a-w-	C:\Windows\System32\drivers\ssadbus.sys
2012-01-14 13:07:44	13800	----a-w-	C:\Windows\System32\drivers\ssadwhnt.sys
2012-01-14 13:07:44	13800	----a-w-	C:\Windows\System32\drivers\ssadwh.sys
2012-01-14 13:07:44	13288	----a-w-	C:\Windows\System32\drivers\ssadcmnt.sys
2012-01-14 13:07:44	13288	----a-w-	C:\Windows\System32\drivers\ssadcm.sys
2012-01-14 13:07:43	36328	----a-w-	C:\Windows\System32\drivers\ssadadb.sys
2012-01-14 13:07:43	146920	----a-w-	C:\Windows\System32\drivers\ssadserd.sys
2012-01-14 13:01:48	--------	d-----w-	C:\Windows\System32\catroot2
2012-01-14 13:00:34	4659712	----a-w-	C:\Windows\SysWow64\Redemption.dll
2012-01-14 13:00:05	821824	----a-w-	C:\Windows\SysWow64\dgderapi.dll
2012-01-14 13:00:05	--------	d-----w-	C:\Program Files (x86)\MarkAny
2012-01-14 12:59:36	--------	d--h--w-	C:\ProgramData\Samsung
2012-01-14 12:59:36	--------	d-----w-	C:\Program Files (x86)\Samsung
2012-01-14 08:05:32	--------	d-----w-	C:\Users\theo\AppData\Local\{27FF4418-7711-49E9-BF41-CEE077EEEFFF}
2012-01-14 08:05:18	--------	d-----w-	C:\Users\theo\AppData\Local\{4988FEC8-EF7E-4AFD-9353-5296AD18606C}
2012-01-13 20:54:38	--------	d--h--w-	C:\ProgramData\TomTom
2012-01-13 20:43:32	18432	----a-w-	C:\Windows\System32\drivers\NTIDrvr.sys
2012-01-13 20:43:32	16896	----a-w-	C:\Windows\System32\drivers\UBHelper.sys
2012-01-13 17:51:28	--------	d-----w-	C:\Users\theo\AppData\Local\{9BFA131D-7CCB-470B-8EF3-5BF8B41F6FFB}
2012-01-13 17:51:02	--------	d-----w-	C:\Users\theo\AppData\Local\{7BC7569A-4408-4480-8997-0717A97095CF}
2012-01-12 21:40:40	--------	d-----w-	C:\Windows\SoftwareDistributionold
2012-01-12 18:22:17	--------	d-----w-	C:\Users\theo\AppData\Local\{9DCEEBE5-D14C-4714-8205-2A500B43A8C8}
2012-01-12 18:22:04	--------	d-----w-	C:\Users\theo\AppData\Local\{40425E11-CC6A-454F-A143-9E379A8973D7}
2012-01-12 00:16:24	--------	d-----w-	C:\Users\theo\AppData\Local\{0A5DE030-B69F-47E1-A674-5F4F19926281}
2012-01-12 00:16:13	--------	d-----w-	C:\Users\theo\AppData\Local\{1B885023-BA3C-47F1-B57B-76AA9EB59C84}
2012-01-11 21:17:01	--------	d-----w-	C:\Users\theo\AppData\Local\{B56777F6-61E2-4F36-A049-B627CAB3D2AC}
2012-01-11 21:16:49	--------	d-----w-	C:\Users\theo\AppData\Local\{406AA5B8-AA34-4011-8802-94D93B7EE149}
2012-01-11 20:01:24	--------	d-----w-	C:\Users\theo\AppData\Roaming\Windows Live Writer
2012-01-11 20:01:24	--------	d-----w-	C:\Users\theo\AppData\Local\Windows Live Writer
2012-01-11 18:25:03	--------	d-----w-	C:\Users\theo\AppData\Local\{9E63D8FB-4BFB-45ED-AB14-5D6CCA4217A1}
2012-01-11 18:24:51	--------	d-----w-	C:\Users\theo\AppData\Local\{23A789EB-EAC5-4DF8-8648-71A2836670C8}
2012-01-10 18:25:40	--------	d-----w-	C:\Users\theo\AppData\Local\{BC7D7004-854D-4777-8386-3C36F556F80B}
2012-01-10 18:25:17	--------	d-----w-	C:\Users\theo\AppData\Local\{CC9A3185-0FB5-41C3-9288-01A3A492AEB8}
2012-01-09 22:07:58	--------	d-----w-	C:\Users\theo\AppData\Local\{FF815980-0244-424F-8E2A-767AD4C186FE}
2012-01-09 22:07:44	--------	d-----w-	C:\Users\theo\AppData\Local\{FF714952-ABDA-4681-9F17-C872EF1DB078}
2012-01-09 19:22:37	--------	d-----w-	C:\Users\theo\Option
2012-01-09 18:49:13	--------	d-----w-	C:\Users\theo\AppData\Local\{FF0AE8E6-CAB1-4B51-8F35-B8DD72B3C2CD}
2012-01-09 18:49:00	--------	d-----w-	C:\Users\theo\AppData\Local\{196BAE5A-72EA-4765-BAF4-608E2A529E8E}
2012-01-08 21:03:25	--------	d-----w-	C:\Users\theo\AppData\Local\{7E87E211-F26D-46F7-B01E-105F6BE2C907}
2012-01-08 21:03:13	--------	d-----w-	C:\Users\theo\AppData\Local\{A3B44EB6-914F-4A7F-AAED-5D8C7D1F656E}
2012-01-08 19:48:09	--------	d--h--w-	C:\ProgramData\NTI Launcher
2012-01-08 19:46:06	--------	d-----w-	C:\Program Files (x86)\Common Files\muvee Technologies
2012-01-08 19:44:36	--------	d-----w-	C:\Program Files (x86)\Common Files\Macrovision Shared
2012-01-08 09:02:41	--------	d-----w-	C:\Users\theo\AppData\Local\{DE1C55CA-BE00-487C-8B21-1F4B8FBDA02F}
2012-01-08 09:02:29	--------	d-----w-	C:\Users\theo\AppData\Local\{66212391-FB45-4202-84B9-F0AA48538854}
2012-01-07 17:48:02	--------	d-----w-	C:\Users\theo\AppData\Local\{114E3808-6F7C-49DE-ADC4-545069FCA6CC}
2012-01-07 17:47:49	--------	d-----w-	C:\Users\theo\AppData\Local\{C41BA1D7-3972-47B5-8C62-8A03D0E754F8}
2012-01-07 17:21:37	417440	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2012-01-07 16:54:20	2200	----a-w-	C:\Windows\System32\ASOROSet.bin
2012-01-07 15:31:51	--------	d-----w-	C:\Program Files (x86)\Common Files\Symantec Shared
2012-01-07 14:14:03	--------	d-----w-	C:\ProgramData\Norton
2012-01-07 14:07:57	--------	d-----w-	C:\ProgramData\NortonInstaller
2012-01-07 08:10:35	--------	d-----w-	C:\Users\theo\AppData\Roaming\Systweak
2012-01-07 08:10:33	18816	----a-w-	C:\Windows\System32\roboot64.exe
2012-01-07 05:47:20	--------	d-----w-	C:\Users\theo\AppData\Local\{794672E9-659D-4E72-97B5-17688F25CB86}
2012-01-07 05:47:08	--------	d-----w-	C:\Users\theo\AppData\Local\{BBF12600-D20A-4C85-90DD-3B629FC9BDE6}
.
==================== Find3M  ====================
.
2012-01-07 17:21:37	70304	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-06 10:49:31	90192	----a-w-	C:\Windows\System32\drivers\bdfndisf6.sys
2012-01-03 18:35:05	477696	--sha-w-	C:\EUMONBMP.SYS
2012-01-03 11:23:11	1263200	----a-w-	C:\Windows\System32\drivers\tdrpm273.sys
2012-01-03 11:23:06	970336	----a-w-	C:\Windows\System32\drivers\timntr.sys
2011-12-26 18:11:09	18960	----a-w-	C:\Windows\System32\drivers\LNonPnP.sys
2011-12-22 22:09:40	189576	----a-w-	C:\Windows\System32\drivers\EuFdDisk.sys
2011-12-22 22:09:38	51336	----a-w-	C:\Windows\System32\drivers\EUBKMON.sys
2011-12-22 22:09:34	19592	----a-w-	C:\Windows\System32\drivers\eudskacs.sys
2011-12-22 22:09:30	57480	----a-w-	C:\Windows\System32\drivers\eubakup.sys
2011-12-21 00:02:26	4448256	----a-w-	C:\Windows\SysWow64\GPhotos.scr
2011-12-20 19:24:47	56	----a-w-	C:\Windows\System32\SupportTool.exe.bat
2011-12-20 19:21:29	91920	----a-w-	C:\Windows\System32\drivers\tmactmon.sys
2011-12-20 19:21:29	70928	----a-w-	C:\Windows\System32\drivers\tmevtmgr.sys
2011-12-20 19:21:29	167696	----a-w-	C:\Windows\System32\drivers\tmcomm.sys
2011-12-20 19:21:29	105744	----a-w-	C:\Windows\System32\drivers\tmtdi.sys
2011-12-13 16:31:08	173656	----a-w-	C:\Windows\System32\drivers\jmcr.sys
2011-12-08 06:06:15	1261568	----a-w-	C:\Program Files (x86)\ess.msi
2011-12-06 14:55:48	53248	----a-w-	C:\Windows\SysWow64\CSVer.dll
2011-11-24 04:52:09	3145216	----a-w-	C:\Windows\System32\win32k.sys
2011-11-23 14:13:10	2796544	----a-w-	C:\Windows\System32\drivers\athrx.sys
2011-11-23 14:13:10	2796544	----a-w-	C:\Windows\System32\athrx.sys
2011-11-23 13:15:40	34624	----a-w-	C:\Windows\System32\TURegOpt.exe
2011-11-23 13:15:32	28992	----a-w-	C:\Windows\SysWow64\uxtuneup.dll
2011-11-23 13:15:30	35648	----a-w-	C:\Windows\System32\uxtuneup.dll
2011-11-23 13:15:30	21312	----a-w-	C:\Windows\SysWow64\authuitu.dll
2011-11-23 13:15:26	25920	----a-w-	C:\Windows\System32\authuitu.dll
2011-11-17 16:11:52	145424	----a-w-	C:\Windows\System32\drivers\JME.sys
2011-11-15 13:29:56	270720	------w-	C:\Windows\System32\MpSigStub.exe
2011-11-10 04:54:13	472808	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2011-09-22 11:12:00	375056	----a-w-	C:\Program Files (x86)\updater.dll
2011-09-22 11:11:58	561480	----a-w-	C:\Program Files (x86)\eguiUpdate.dll
2011-09-22 11:11:10	1694992	----a-w-	C:\Program Files (x86)\SysRescue.exe
2011-09-22 11:10:48	1877272	----a-w-	C:\Program Files (x86)\SysInspector.exe
2011-09-22 11:10:20	196848	----a-w-	C:\Program Files (x86)\shellExt.dll
2011-09-22 11:09:54	380200	----a-w-	C:\Program Files (x86)\eplgOutlook.dll
2011-09-22 11:09:52	403384	----a-w-	C:\Program Files (x86)\eplgOE.dll
2011-09-22 11:09:52	11976	----a-w-	C:\Program Files (x86)\eplgHooks.dll
2011-09-22 11:09:50	107768	----a-w-	C:\Program Files (x86)\eguiMailPlugins.dll
2011-09-22 11:07:32	136120	----a-w-	C:\Program Files (x86)\http_dll.dll
2011-09-22 11:07:30	36192	----a-w-	C:\Program Files (x86)\EHttpSrv.exe
2011-09-22 11:07:28	246288	----a-w-	C:\Program Files (x86)\eguiHips.dll
2011-09-22 11:06:46	500168	----a-w-	C:\Program Files (x86)\eplgOutlookSmon.dll
2011-09-22 11:06:46	442512	----a-w-	C:\Program Files (x86)\eplgOESmon.dll
2011-09-22 11:06:46	224152	----a-w-	C:\Program Files (x86)\eguiSmon.dll
2011-09-22 11:05:24	556848	----a-w-	C:\Program Files (x86)\eguiScan.dll
2011-09-22 11:04:44	1648672	----a-w-	C:\Program Files (x86)\eguiEpfw.dll
2011-09-22 11:04:00	744856	----a-w-	C:\Program Files (x86)\eguiParental.dll
2011-09-22 11:03:06	25904	----a-w-	C:\Program Files (x86)\eh64.exe
2011-09-22 11:03:04	4035152	----a-w-	C:\Program Files (x86)\egui.exe
2011-09-22 11:03:00	909024	----a-w-	C:\Program Files (x86)\eguiProductRcd.dll
2011-09-22 11:02:58	896664	----a-w-	C:\Program Files (x86)\eguiProduct.dll
2011-09-22 11:02:34	254016	----a-w-	C:\Program Files (x86)\eplgOEEmon.dll
2011-09-22 11:02:34	234952	----a-w-	C:\Program Files (x86)\eplgOutlookEmon.dll
2011-09-22 11:02:32	120128	----a-w-	C:\Program Files (x86)\eguiEmon.dll
2011-09-22 11:01:58	43408	----a-w-	C:\Program Files (x86)\eeclnt.exe
2011-09-22 11:01:58	115008	----a-w-	C:\Program Files (x86)\eguiDmon.dll
2011-09-22 11:01:56	167472	----a-w-	C:\Program Files (x86)\DMON.dll
2011-09-22 11:01:24	46480	----a-w-	C:\Program Files (x86)\ecmd.exe
2011-09-22 11:01:08	278664	----a-w-	C:\Program Files (x86)\ecls.exe
2011-09-22 11:00:52	346728	----a-w-	C:\Program Files (x86)\eguiAmon.dll
2011-09-22 11:00:36	70176	----a-w-	C:\Program Files (x86)\callmsi.exe
2011-09-21 19:33:45	369708	----a-w-	C:\Program Files (x86)\SS64NL.exe
2010-09-20 11:24:18	0	----a-r-	C:\Program Files (x86)\ekrnParentalLang.dll
2010-09-20 11:24:18	0	----a-r-	C:\Program Files (x86)\eguiParentalLang.dll
2010-08-24 12:46:04	0	----a-w-	C:\Program Files (x86)\ekrnHipsLang.dll
2010-08-24 12:46:04	0	----a-w-	C:\Program Files (x86)\eguiHipsLang.dll
2009-08-11 12:37:30	1655296	----a-w-	C:\Program Files (x86)\mfc80u.dll
2009-08-11 12:37:28	802640	----a-w-	C:\Program Files (x86)\msvcr80.dll
2009-08-11 12:37:28	1068368	----a-w-	C:\Program Files (x86)\msvcp80.dll
2009-04-08 17:31:56	106496	----a-w-	C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-09-12 13:42:52	0	----a-w-	C:\Program Files (x86)\SysRescueLang.dll
2008-08-12 04:45:20	155648	----a-w-	C:\Program Files (x86)\Common Files\MSIactionall.dll
2008-07-14 08:10:18	0	----a-w-	C:\Program Files (x86)\eplgTbSmonLang.dll
2008-07-14 08:10:18	0	----a-w-	C:\Program Files (x86)\eplgTbLang.dll
2008-05-19 13:47:56	0	----a-w-	C:\Program Files (x86)\SysInspectorLang.dll
2008-04-23 11:44:38	0	----a-w-	C:\Program Files (x86)\ekrnDmonLang.dll
2008-04-23 11:44:38	0	----a-w-	C:\Program Files (x86)\eguiDmonLang.dll
2007-09-12 08:45:10	0	----a-w-	C:\Program Files (x86)\eclsLang.dll
2007-08-07 07:13:08	0	----a-w-	C:\Program Files (x86)\ekrnMailPluginsLang.dll
2007-08-07 07:13:08	0	----a-w-	C:\Program Files (x86)\eguiMailPluginsLang.dll
2007-07-12 14:12:12	0	----a-w-	C:\Program Files (x86)\eplgOESmonLang.dll
2007-07-12 14:12:12	0	----a-w-	C:\Program Files (x86)\eplgOELang.dll
2007-05-29 14:04:20	0	----a-w-	C:\Program Files (x86)\ShellExtLang.dll
2007-05-10 15:22:28	0	----a-w-	C:\Program Files (x86)\eplgOutlookSmonLang.dll
2007-05-10 07:59:02	0	----a-w-	C:\Program Files (x86)\ekrnScanLang.dll
.
============= FINISH: 20:48:12,07 ===============
 
Last edited by a moderator: