Hijackhislog



There doesn't seem to be much wrong, but here is what you can do:

Start HijackThis. Select "Scan". Select only the items listed below:

O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra button: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)

O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

O9 - Extra button: (no name) - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - (no file)

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as administrator by right-clicking it and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Here you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: click here or here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


It looks like the lines are not being removed; see the log here.

hijackthislog.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 13:39:04, on 14-5-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\Brian\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Afbeelding knippen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Kopieer selectie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra button: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)

O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

O9 - Extra button: (no name) - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - (no file)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exe

O23 - Service: Soluto Remote Service (SolutoRemoteService) - GlavSoft LLC. - C:\Program Files\Soluto\SolutoRemoteService.exe

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12216 bytes

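Added example, not part of the original posts and not HijackThis code: a small parser that cross-checks the O9 "(no file)" entries against the rest of a HijackThis log and lists services reported as "(file missing)" under System32. The sample lines are copied from the log in this thread; the function names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Excerpt of lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: (no name) - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - (no file)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""

ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING_RE = re.compile(r"- (?P<path>[A-Za-z]:\\.+?) \(file missing\)$")


@dataclass
class Entry:
    section: str            # section code, e.g. "O2", "O9", "O23"
    clsid: Optional[str]    # CLSID in upper case, or None if the line has none
    body: str               # everything after "<section> - "


def parse_log(text: str) -> List[Entry]:
    """Turn the entry lines of a HijackThis log into Entry records."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header lines, process list, blank lines
        clsid = CLSID_RE.search(m.group("body"))
        entries.append(Entry(m.group("section"),
                             clsid.group(0).upper() if clsid else None,
                             m.group("body")))
    return entries


def orphaned_buttons(entries: List[Entry]) -> List[Tuple[str, List[str]]]:
    """O9 entries marked '(no file)', each paired with the non-O9 entries
    that register the same CLSID (CLSIDs are compared case-insensitively)."""
    by_clsid = {}
    for e in entries:
        if e.clsid and e.section != "O9":
            by_clsid.setdefault(e.clsid, []).append(e.body)
    return [(e.clsid, by_clsid.get(e.clsid, []))
            for e in entries
            if e.section == "O9" and e.body.endswith("(no file)")]


def missing_system32_files(entries: List[Entry]) -> List[str]:
    """Paths of O23 services reported '(file missing)' under System32.
    A 32-bit scanner on 64-bit Windows sees System32 through WOW64
    file-system redirection, so verify these on disk before acting."""
    paths = []
    for e in entries:
        if e.section != "O23":
            continue
        m = MISSING_RE.search(e.body)
        if m and "\\windows\\system32\\" in m.group("path").lower():
            paths.append(m.group("path"))
    return paths


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for clsid, related in orphaned_buttons(parsed):
        note = "also registered as: " + related[0] if related else "no other entry"
        print(f"O9 (no file) {clsid}: {note}")
    for path in missing_system32_files(parsed):
        print(f"O23 reported missing, verify on disk: {path}")
```

On this thread's logs the cross-check shows that {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} is also the Lync Click to Call BHO with a file on disk, and that ComboFix lists c:\windows\system32\mfevtps.exe (182312 bytes) while HijackThis marks the same path "(file missing)".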



combofixlog.

ComboFix 13-05-14.01 - Brian 15-05-2013 0:11.6.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.2136 [GMT 2:00]

Gestart vanuit: c:\users\Brian\Desktop\ComboFix.exe

AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Brian\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk

c:\users\Brian\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-14 to 2013-05-14 ))))))))))))))))))))))))))))))

.

.

2013-05-14 22:16 . 2013-05-14 22:16 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-05-14 22:16 . 2013-05-14 22:16 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-14 18:49 . 2013-05-14 20:05 -------- d-----w- c:\users\Brian\AppData\Roaming\vlc

2013-05-13 01:47 . 2013-05-13 01:48 -------- d-----w- c:\program files\Soluto

2013-05-13 01:45 . 2013-05-13 01:45 -------- d-----w- c:\users\Brian\AppData\Local\Evernote

2013-05-13 01:45 . 2013-05-13 01:45 -------- d-----w- c:\program files (x86)\Evernote

2013-05-12 00:36 . 2013-05-12 00:36 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}

2013-05-11 23:46 . 2013-05-11 23:46 -------- d--h--w- c:\programdata\Common Files

2013-05-10 23:20 . 2013-05-10 23:20 -------- d-----w- c:\programdata\vsosdk

2013-05-10 22:49 . 2013-05-10 22:49 82816 ----a-w- c:\users\Brian\AppData\Roaming\pcouffin.sys

2013-05-10 22:49 . 2013-05-11 18:21 -------- d-----w- c:\users\Brian\AppData\Roaming\Vso

2013-05-10 22:49 . 2012-06-25 09:54 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll

2013-05-10 22:49 . 2012-06-25 09:54 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll

2013-05-10 22:49 . 2013-05-11 18:21 -------- d-----w- c:\programdata\VSO

2013-05-10 22:49 . 2013-05-10 22:49 -------- d-----w- c:\program files (x86)\VSO

2013-05-08 02:56 . 2013-05-08 13:00 -------- d-----w- c:\programdata\Stardock

2013-05-08 02:55 . 2013-05-08 02:55 -------- d-----w- c:\users\Brian\AppData\Local\Stardock_Corporation

2013-05-08 02:03 . 2013-05-08 02:05 -------- d-----w- c:\users\Brian\AppData\Local\Microsoft Toolkit

2013-05-08 01:55 . 2013-05-08 01:55 -------- d-----w- c:\program files\Common Files\DESIGNER

2013-05-08 01:55 . 2013-05-08 01:55 -------- d-----w- c:\program files\Microsoft.NET

2013-05-08 01:55 . 2013-05-08 01:55 -------- d-----w- c:\program files (x86)\Microsoft SQL Server

2013-05-08 01:54 . 2013-05-08 01:55 -------- d-----w- c:\program files\Microsoft SQL Server

2013-05-08 01:22 . 2013-05-08 01:22 -------- d-----w- c:\program files (x86)\Common Files\EZB Systems

2013-05-08 01:22 . 2013-05-08 01:22 -------- d-----w- c:\program files (x86)\UltraISO

2013-05-04 00:47 . 2013-05-07 16:20 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys

2013-05-01 22:57 . 2013-05-08 13:22 -------- d-----w- c:\users\Brian\AppData\Local\CutePDF Writer

2013-05-01 22:56 . 2013-05-01 22:56 -------- d-----w- c:\program files (x86)\GPLGS

2013-05-01 22:55 . 2012-10-04 17:49 87152 ----a-w- c:\windows\system32\cpwmon64.dll

2013-05-01 22:55 . 2013-05-01 22:55 -------- d-----w- c:\program files (x86)\Acro Software

2013-04-30 23:53 . 2013-04-30 23:53 -------- d-----w- c:\users\Brian\Synology

2013-04-28 00:34 . 2012-05-28 08:28 197264 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2013-04-28 00:34 . 2013-04-28 00:34 -------- d-----w- c:\program files (x86)\McAfee.com

2013-04-28 00:34 . 2013-04-28 00:34 -------- d-----w- c:\program files (x86)\Common Files\McAfee

2013-04-28 00:33 . 2013-04-28 00:34 -------- d-----w- c:\program files\McAfee

2013-04-28 00:06 . 2012-12-26 07:52 182312 ----a-w- c:\windows\system32\mfevtps.exe

2013-04-28 00:06 . 2013-04-28 00:34 -------- d-----w- c:\program files\Common Files\McAfee

2013-04-27 23:59 . 2013-04-17 04:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E093EE89-9CA2-412A-B6D4-A14C11F773F7}\mpengine.dll

2013-04-26 12:30 . 2013-04-26 12:30 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-04-26 12:29 . 2013-04-26 12:29 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-04-26 12:29 . 2013-04-26 12:29 -------- d-----w- c:\program files (x86)\Java

2013-04-24 13:27 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-23 23:02 . 2013-04-24 02:38 -------- d-----w- c:\program files (x86)\Ultra ISO UltraISO Premium

2013-04-23 22:25 . 2013-04-23 22:25 -------- d-----w- C:\FFOutput

2013-04-23 22:23 . 2013-04-23 23:08 -------- d-----w- c:\program files (x86)\FreeTime

2013-04-23 00:51 . 2013-04-23 00:56 -------- d-----w- c:\programdata\Webroot

2013-04-23 00:46 . 2013-05-14 02:53 -------- d-----w- c:\program files (x86)\GoforFiles

2013-04-23 00:46 . 2013-04-23 00:46 -------- d-----w- c:\users\Brian\AppData\Roaming\GoforFiles

2013-04-23 00:32 . 2013-04-23 00:31 311200 ----a-w- c:\windows\system32\javaws.exe

2013-04-23 00:32 . 2013-04-23 00:31 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2013-04-23 00:32 . 2013-04-23 00:31 188832 ----a-w- c:\windows\system32\javaw.exe

2013-04-23 00:32 . 2013-04-23 00:31 188320 ----a-w- c:\windows\system32\java.exe

2013-04-18 01:21 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll

2013-04-17 18:24 . 2013-04-17 18:24 -------- d-----w- c:\windows\system32\wbem\Logs

2013-04-16 22:37 . 2013-04-16 22:37 -------- d-----w- c:\program files (x86)\Temp File Cleaner

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-12 00:15 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-04-26 22:11 . 2013-01-16 23:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-26 22:11 . 2013-01-16 23:44 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-04-26 12:29 . 2013-01-18 21:09 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-04-26 12:29 . 2013-01-18 21:09 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-04-23 00:31 . 2013-02-03 21:42 971680 ----a-w- c:\windows\system32\deployJava1.dll

2013-04-23 00:31 . 2013-02-03 21:42 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-04-11 00:53 . 2013-01-16 20:37 72702784 ----a-w- c:\windows\system32\MRT.exe

2013-04-06 20:09 . 2013-04-06 20:09 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys

2013-03-19 06:04 . 2013-04-10 23:40 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-19 05:46 . 2013-04-10 23:40 43520 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 05:04 . 2013-04-10 23:40 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-10 23:40 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47 . 2013-04-10 23:40 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06 . 2013-04-10 23:40 112640 ----a-w- c:\windows\system32\smss.exe

2013-03-15 17:14 . 2013-04-05 02:21 237840 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2013-03-15 17:14 . 2013-03-15 17:14 131856 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2013-03-15 17:13 . 2013-04-05 02:20 120080 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2013-03-15 17:13 . 2013-03-15 17:13 146704 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2013-03-15 17:13 . 2013-03-15 17:13 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll

2013-03-13 20:14 . 2013-03-13 20:14 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-03-13 20:14 . 2013-03-13 20:14 226304 ----a-w- c:\windows\system32\elshyph.dll

2013-03-13 20:14 . 2013-03-13 20:14 185344 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-03-13 20:14 . 2013-03-13 20:14 158720 ----a-w- c:\windows\SysWow64\msls31.dll

2013-03-13 20:14 . 2013-03-13 20:14 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-03-13 20:14 . 2013-03-13 20:14 523264 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-03-13 20:14 . 2013-03-13 20:14 38400 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-03-13 20:14 . 2013-03-13 20:14 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-03-13 20:14 . 2013-03-13 20:14 138752 ----a-w- c:\windows\SysWow64\wextract.exe

2013-03-13 20:14 . 2013-03-13 20:14 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-03-13 20:14 . 2013-03-13 20:14 12800 ----a-w- c:\windows\SysWow64\mshta.exe

2013-03-13 20:14 . 2013-03-13 20:14 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-03-13 20:14 . 2013-03-13 20:14 61952 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-03-13 20:14 . 2013-03-13 20:14 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-03-13 20:14 . 2013-03-13 20:14 361984 ----a-w- c:\windows\SysWow64\html.iec

2013-03-13 20:14 . 2013-03-13 20:14 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-03-13 20:14 . 2013-03-13 20:14 762368 ----a-w- c:\windows\system32\ieapfltr.dll

2013-03-13 20:14 . 2013-03-13 20:14 452096 ----a-w- c:\windows\system32\dxtmsft.dll

2013-03-13 20:14 . 2013-03-13 20:14 441856 ----a-w- c:\windows\system32\html.iec

2013-03-13 20:14 . 2013-03-13 20:14 281600 ----a-w- c:\windows\system32\dxtrans.dll

2013-03-13 20:14 . 2013-03-13 20:14 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-03-13 20:14 . 2013-03-13 20:14 216064 ----a-w- c:\windows\system32\msls31.dll

2013-03-13 20:14 . 2013-03-13 20:14 197120 ----a-w- c:\windows\system32\msrating.dll

2013-03-13 20:14 . 2013-03-13 20:14 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-03-13 20:14 . 2013-03-13 20:14 1400416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-03-13 20:14 . 2013-03-13 20:14 97280 ----a-w- c:\windows\system32\mshtmled.dll

2013-03-13 20:14 . 2013-03-13 20:14 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-03-13 20:14 . 2013-03-13 20:14 81408 ----a-w- c:\windows\system32\icardie.dll

2013-03-13 20:14 . 2013-03-13 20:14 27648 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-13 20:14 . 2013-03-13 20:14 270848 ----a-w- c:\windows\system32\iedkcs32.dll

2013-03-13 20:14 . 2013-03-13 20:14 247296 ----a-w- c:\windows\system32\webcheck.dll

2013-03-13 20:14 . 2013-03-13 20:14 235008 ----a-w- c:\windows\system32\url.dll

2013-03-13 20:14 . 2013-03-13 20:14 1509376 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-13 20:14 . 2013-03-13 20:14 144896 ----a-w- c:\windows\system32\wextract.exe

2013-03-13 20:14 . 2013-03-13 20:14 102912 ----a-w- c:\windows\system32\inseng.dll

2013-03-13 20:14 . 2013-03-13 20:14 62976 ----a-w- c:\windows\system32\pngfilt.dll

2013-03-13 20:14 . 2013-03-13 20:14 599552 ----a-w- c:\windows\system32\vbscript.dll

2013-03-13 20:14 . 2013-03-13 20:14 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-03-13 20:14 . 2013-03-13 20:14 51200 ----a-w- c:\windows\system32\imgutil.dll

2013-03-13 20:14 . 2013-03-13 20:14 173568 ----a-w- c:\windows\system32\ieUnatt.exe

2013-03-13 20:14 . 2013-03-13 20:14 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-03-13 20:14 . 2013-03-13 20:14 149504 ----a-w- c:\windows\system32\occache.dll

2013-03-13 20:14 . 2013-03-13 20:14 13824 ----a-w- c:\windows\system32\mshta.exe

2013-03-13 20:14 . 2013-03-13 20:14 136192 ----a-w- c:\windows\system32\iepeers.dll

2013-03-13 20:14 . 2013-03-13 20:14 135680 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-03-13 20:14 . 2013-03-13 20:14 12800 ----a-w- c:\windows\system32\msfeedssync.exe

2013-03-13 20:14 . 2013-03-13 20:14 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-03-13 20:14 . 2013-03-13 20:14 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-03-13 20:14 . 2013-03-13 20:14 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-03-11 23:10 . 2013-01-15 21:51 282744 ------w- c:\windows\system32\MpSigStub.exe

2013-03-01 03:36 . 2013-04-10 23:41 3153408 ----a-w- c:\windows\system32\win32k.sys

2013-02-28 00:14 . 2013-02-28 00:14 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll

2013-02-28 00:14 . 2013-02-28 00:14 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll

2013-02-21 10:30 . 2013-04-11 00:52 1766912 ----a-w- c:\windows\SysWow64\wininet.dll

2013-02-21 10:29 . 2013-04-11 00:52 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-02-21 10:29 . 2013-04-11 00:52 61440 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-02-21 10:29 . 2013-04-11 00:52 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-02-21 10:15 . 2013-04-11 00:52 51712 ----a-w- c:\windows\system32\ie4uinit.exe

2013-02-21 10:15 . 2013-04-11 00:52 2240512 ----a-w- c:\windows\system32\wininet.dll

2013-02-21 10:14 . 2013-04-11 00:52 1365504 ----a-w- c:\windows\system32\urlmon.dll

2013-02-21 10:14 . 2013-04-11 00:52 19230208 ----a-w- c:\windows\system32\mshtml.dll

2013-02-21 10:14 . 2013-04-11 00:52 603136 ----a-w- c:\windows\system32\msfeeds.dll

2013-02-21 10:14 . 2013-04-11 00:52 3958784 ----a-w- c:\windows\system32\jscript9.dll

2013-02-21 10:14 . 2013-04-11 00:52 53248 ----a-w- c:\windows\system32\jsproxy.dll

2013-02-21 10:14 . 2013-04-11 00:52 855552 ----a-w- c:\windows\system32\jscript.dll

2013-02-21 10:14 . 2013-04-11 00:52 526336 ----a-w- c:\windows\system32\ieui.dll

2013-02-21 10:14 . 2013-04-11 00:52 67072 ----a-w- c:\windows\system32\iesetup.dll

2013-02-21 10:14 . 2013-04-11 00:52 136704 ----a-w- c:\windows\system32\iesysprep.dll

2013-02-21 10:14 . 2013-04-11 00:52 2647040 ----a-w- c:\windows\system32\iertutil.dll

2013-02-21 10:14 . 2013-04-11 00:52 39936 ----a-w- c:\windows\system32\iernonce.dll

2013-02-21 10:14 . 2013-04-11 00:52 15404544 ----a-w- c:\windows\system32\ieframe.dll

2013-02-19 12:01 . 2013-04-11 00:52 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb

2013-02-19 11:42 . 2013-04-11 00:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-02-19 11:10 . 2013-04-11 00:52 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-02-19 10:51 . 2013-04-11 00:52 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2013-02-22 16:05 1722976 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2013-02-22 16:05 1722976 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2013-02-22 16:05 1722976 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2013-04-23 6070040]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-02-28 454600]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"UacDisableNotify"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]

R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-09-27 35840]

R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264]

R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-05-14 271712]

R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]

R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-01 97208]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]

R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]

R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe [2013-05-07 1671168]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-03-15 131856]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-16 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-12-26 339776]

S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2013-05-07 54728]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2013-03-15 237840]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2013-03-15 120080]

S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-12-04 103472]

S2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-03-05 221296]

S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-12-26 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-26 182312]

S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]

S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe [2013-05-07 182848]

S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2013-05-07 727616]

S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-26 69672]

S3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-26 515528]

S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-01 328976]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-07-04 349800]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2013-03-15 146704]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-11 20:01 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-04-27 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-16 22:11]

.

2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-18 22:50]

.

2013-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-18 22:50]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2013-02-22 15:59 2325624 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2013-02-22 15:59 2325624 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2013-02-22 15:59 2325624 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Soluto"="c:\program files\soluto\soluto.exe" [2013-05-07 1239104]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office15\ONBttnIE.dll/105

IE: Afbeelding knippen - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office15\EXCEL.EXE/3000

IE: Kopieer selectie - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

IE: Kopieer URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

IE: Nieuwe notitie - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html

IE: Pagina opemen - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

TCP: DhcpNameServer = 192.168.1.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2391213282-3725655521-2080561922-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2391213282-3725655521-2080561922-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-05-15 00:17:42

ComboFix-quarantined-files.txt 2013-05-14 22:17

.

Pre-Run: 1.439.556.800.512 bytes beschikbaar

Post-Run: 1.439.576.608.768 bytes beschikbaar

.

- - End Of File - - 48253DC7E9358F752516C94B232DF98B


Then you can leave that as it is ... and let's run AdwCleaner here as well, then.

Download AdwCleaner by Xplode to your desktop.

Close all open windows.

  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Verwijderen (Delete).
  • At the AdwCleaner – Informatie (Information) prompt, click OK
  • At the AdwCleaner – Herstarten Noodzakelijk (Restart Required) prompt, click OK

It is normal for the shortcuts to disappear during the process. After the PC has restarted, a log file opens. Post the contents of this log in your next message.
