Hallo,
Al enige tijd ervaar ik meer en meer fouten in het systeem: laptop HP ProBook 4740s met Windows 7 pro SP1.
Graag wat hulp hiermee om te voorkomen dat ik alles opnieuw moet installeren.
Alvast bedankt.
Onderstaand al enkele logjes die ik gemaakt heb:
Logfile of random's system information tool 1.09 (written by random/random)
Run by installer at 2013-04-18 12:07:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 354 GB (78%) free of 453 GB
Total RAM: 8073 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:07:23, on 18/04/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\installer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/5
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/5
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/5
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tismbree.be
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tismbree.be
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tismbree.be
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8460 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1896
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6e0e6e54-af61-4297-9612-75c06b2eb5e6 -SystemEventPortName:HostProcess-2493e591-15f2-40fa-bda9-a55045ca02f2 -IoCancelEventPortName:HostProcess-c0c21f56-6bb2-4b85-9d3c-9216d27644c3 -NonStateChangingEventPortName:HostProcess-142e7ff7-1b78-4a4b-876a-7753f40b709a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6345a041-f4ab-4054-ad4f-6be0536a8c31 -DeviceGroupId:
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Microsoft Security Client\msseces.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3940.0.923774830\2071594911" --supports-dual-gpus=false --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.951.6.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/17/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3940.2.2095031186\818270072" /prefetch:3
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\installer\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GlaryInitialize.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForPm.job
=========Mozilla firefox=========
ProfilePath - C:\Users\installer\AppData\Roaming\Mozilla\Firefox\Profiles\j95hg6o2.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
bing.xml
bolcom-nl.xml
google.xml
marktplaats-nl.xml
Search_Results.xml
wikipedia-nl.xml
C:\Users\installer\AppData\Roaming\Mozilla\Firefox\Profiles\j95hg6o2.default\extensions\
{377e5d4d-77e5-476a-8716-7e70a9272da0}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-03 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}]
DataMngr - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL [2013-02-14 104312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-03 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}]
Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll [2012-12-07 89288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-05 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-05 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{377e5d4d-77e5-476a-8716-7e70a9272da0} - Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll [2012-12-07 89288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE [2013-02-14 1683456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [2011-02-12 944520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2012-03-26 398616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-16 184704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-15 15232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2012-03-26 170264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MfeEpePcMonitor]
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-16 1436736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-10-13 1088424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-03-07 684024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2012-03-26 439064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-30 636032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-09 2887440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-08-28 247768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\pm\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-03-12 29106336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk]
C:\PROGRA~2\MICROS~1\Office14\GROOVE.EXE [2012-09-20 30785672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2012-08-13 1199104]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-03-26 434688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-04-18 12:07:19 ----D---- C:\rsit
2013-04-18 12:07:19 ----D---- C:\Program Files\trend micro
2013-04-18 10:41:12 ----D---- C:\windows\temp
2013-04-18 10:41:04 ----A---- C:\ComboFix.txt
2013-04-18 10:11:20 ----A---- C:\windows\zip.exe
2013-04-18 10:11:20 ----A---- C:\windows\SWSC.exe
2013-04-18 10:11:20 ----A---- C:\windows\SWREG.exe
2013-04-18 10:11:20 ----A---- C:\windows\sed.exe
2013-04-18 10:11:20 ----A---- C:\windows\PEV.exe
2013-04-18 10:11:20 ----A---- C:\windows\NIRCMD.exe
2013-04-18 10:11:20 ----A---- C:\windows\MBR.exe
2013-04-18 10:11:20 ----A---- C:\windows\grep.exe
2013-04-18 10:10:26 ----D---- C:\Qoobox
2013-04-18 10:09:57 ----D---- C:\windows\erdnt
2013-04-18 09:57:04 ----D---- C:\Users\installer\AppData\Roaming\Malwarebytes
2013-04-15 09:15:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-11 17:55:02 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-04-11 17:55:02 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-04-11 17:55:02 ----A---- C:\windows\system32\mshtmled.dll
2013-04-11 17:55:01 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-04-11 17:55:01 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-04-11 17:55:01 ----A---- C:\windows\system32\ieUnatt.exe
2013-04-11 17:55:01 ----A---- C:\windows\system32\ieui.dll
2013-04-11 17:55:00 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-04-11 17:55:00 ----A---- C:\windows\SYSWOW64\url.dll
2013-04-11 17:55:00 ----A---- C:\windows\system32\urlmon.dll
2013-04-11 17:55:00 ----A---- C:\windows\system32\url.dll
2013-04-11 17:55:00 ----A---- C:\windows\system32\jscript9.dll
2013-04-11 17:54:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-04-11 17:54:59 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-04-11 17:54:59 ----A---- C:\windows\system32\wininet.dll
2013-04-11 17:54:59 ----A---- C:\windows\system32\msfeeds.dll
2013-04-11 17:54:59 ----A---- C:\windows\system32\jsproxy.dll
2013-04-11 17:54:58 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-04-11 17:54:58 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-04-11 17:54:58 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-04-11 17:54:58 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-04-11 17:54:58 ----A---- C:\windows\system32\vbscript.dll
2013-04-11 17:54:58 ----A---- C:\windows\system32\jscript.dll
2013-04-11 17:54:58 ----A---- C:\windows\system32\iertutil.dll
2013-04-11 17:54:56 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-04-11 17:54:56 ----A---- C:\windows\system32\mshtml.dll
2013-04-11 17:54:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-04-11 17:54:55 ----A---- C:\windows\system32\ieframe.dll
2013-04-11 08:23:53 ----A---- C:\windows\SYSWOW64\mstscax.dll
2013-04-11 08:23:53 ----A---- C:\windows\system32\mstscax.dll
2013-04-11 08:23:52 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2013-04-11 08:23:52 ----A---- C:\windows\SYSWOW64\aaclient.dll
2013-04-11 08:23:52 ----A---- C:\windows\system32\tsgqec.dll
2013-04-11 08:23:52 ----A---- C:\windows\system32\aaclient.dll
2013-04-11 08:23:44 ----A---- C:\windows\system32\win32k.sys
2013-04-11 08:23:44 ----A---- C:\windows\system32\drivers\fvevol.sys
2013-04-11 08:23:43 ----A---- C:\windows\system32\ntoskrnl.exe
2013-04-11 08:23:42 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-04-11 08:23:42 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-04-11 08:23:41 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2013-04-11 08:23:41 ----A---- C:\windows\system32\smss.exe
2013-04-11 08:23:41 ----A---- C:\windows\system32\csrsrv.dll
2013-03-26 09:30:44 ----A---- C:\windows\system32\drivers\usb8023.sys
2013-03-25 16:01:06 ----D---- C:\windows\pss
======List of files/folders modified in the last 1 month======
2013-04-18 12:07:19 ----RD---- C:\Program Files
2013-04-18 10:41:12 ----D---- C:\Windows
2013-04-18 10:38:42 ----A---- C:\windows\system.ini
2013-04-18 10:38:39 ----D---- C:\windows\system32\drivers\etc
2013-04-18 10:38:11 ----D---- C:\ProgramData\Wincert
2013-04-18 10:34:55 ----D---- C:\windows\SYSWOW64\drivers
2013-04-18 10:34:55 ----D---- C:\windows\SysWOW64
2013-04-18 10:34:55 ----D---- C:\windows\AppPatch
2013-04-18 10:34:55 ----D---- C:\Program Files (x86)\Common Files
2013-04-18 10:10:27 ----D---- C:\windows\system32\drivers
2013-04-18 10:09:34 ----D---- C:\windows\system32\config
2013-04-18 09:59:12 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-18 09:57:28 ----D---- C:\windows\System32
2013-04-18 09:57:28 ----D---- C:\windows\inf
2013-04-18 09:57:28 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-04-17 19:15:53 ----D---- C:\windows\Tasks
2013-04-17 19:15:53 ----D---- C:\windows\system32\wbem
2013-04-17 19:15:53 ----D---- C:\windows\system32\Tasks
2013-04-17 19:15:52 ----D---- C:\windows\system32\DriverStore
2013-04-17 19:15:52 ----D---- C:\windows\system32\CodeIntegrity
2013-04-17 19:15:51 ----D---- C:\windows\system32\catroot2
2013-04-17 19:15:49 ----D---- C:\Program Files (x86)\Glary Utilities
2013-04-17 19:15:47 ----D---- C:\windows\registration
2013-04-17 19:15:41 ----D---- C:\Ardis
2013-04-17 09:28:20 ----SHD---- C:\System Volume Information
2013-04-17 09:17:14 ----D---- C:\windows\Minidump
2013-04-16 08:22:43 ----D---- C:\windows\Prefetch
2013-04-16 08:05:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-15 09:20:34 ----RD---- C:\Program Files (x86)
2013-04-15 08:48:59 ----D---- C:\windows\system32\catroot
2013-04-15 08:35:03 ----D---- C:\windows\winsxs
2013-04-15 08:33:29 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-15 08:33:28 ----D---- C:\windows\SYSWOW64\migration
2013-04-15 08:33:27 ----D---- C:\windows\system32\migration
2013-04-15 08:33:26 ----D---- C:\Program Files\Internet Explorer
2013-04-11 17:55:58 ----A---- C:\windows\system32\MRT.exe
2013-04-11 17:55:40 ----SHD---- C:\windows\Installer
2013-04-11 17:55:38 ----D---- C:\ProgramData\Microsoft Help
2013-04-11 09:59:13 ----D---- C:\windows\rescache
2013-04-02 12:34:28 ----N---- C:\windows\system32\MpSigStub.exe
2013-03-25 18:40:48 ----D---- C:\windows\system32\drivers\UMDF
2013-03-25 18:40:47 ----D---- C:\windows\security
2013-03-25 18:40:45 ----D---- C:\ProgramData\FLEXnet
2013-03-25 18:40:28 ----RD---- C:\MSOCache
2013-03-25 16:01:26 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-25 15:49:35 ----D---- C:\ProgramData\PDFC
2013-03-25 15:49:25 ----A---- C:\windows\SYSWOW64\bscs.ini
2013-03-25 15:12:19 ----A---- C:\windows\SYSWOW64\LOCALSERVICE.INI
2013-03-25 15:12:17 ----A---- C:\windows\SYSWOW64\LOCALDEVICE.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\DRIVERS\amdkmpfd.sys [2012-03-20 32896]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-03-16 30488]
R0 iaStor;Intel RAID Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2012-03-22 93640]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2012-03-22 158792]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R2 Sentinel64;Sentinel64; C:\windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-03-16 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-03-29 10859008]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-03-29 328704]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\windows\System32\Drivers\BtAudioBus.sys [2011-08-13 23104]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-26 14748416]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2012-02-28 173656]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2012-07-06 1874016]
R3 rtbth;RTBTH Bluetooth Device Driver; C:\windows\system32\DRIVERS\rtbth.sys [2012-06-14 685152]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-07-28 1862536]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2012-03-09 425232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\windows\System32\Drivers\BtL2caScoIf.sys [2012-04-03 51776]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2012-04-16 80384]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\windows\System32\Drivers\IvtUrbBtFlt.sys [2012-03-05 48320]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-03-26 14748416]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-28 84864]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-06-11 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-06-11 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\windows\system32\DRIVERS\SNTUSB64.SYS [2011-09-22 63528]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-06-11 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-06-11 9216]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-28 12784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S4 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-03-29 235520]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S4 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-15 1578496]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
S4 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-15 138752]
S4 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-26 276248]
S4 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904]
S4 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [2009-07-22 81920]
S4 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2009-07-22 2736128]
S4 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-02-01 477056]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-04 1436424]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-12-04 1044816]
S4 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-30 136176]
S4 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-30 136176]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S4 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-15 152992]
S4 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
S4 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-16 1420160]
S4 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
S4 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
S4 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-03-16 33560]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S4 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
S4 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-03-22 1327104]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-15 115608]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-03-07 1134584]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]
S4 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S4 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2011-09-22 1259040]
S4 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S4 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S4 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-04-05 498352]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
S4 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
-----------------EOF-----------------
DDS (Ver_2012-11-05.02) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2
Run by installer at 12:24:28 on 2013-04-18
Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.8073.5570 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\System32\WUDFHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Search-Results Toolbar: {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Search-Results Toolbar: {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 172.16.0.5
TCP: Interfaces\{13DBF36D-F16A-4F6E-9DEB-CD4E6C000A24} : DHCPNameServer = 172.16.0.5
TCP: Interfaces\{32BA5542-E127-4BDE-BF96-189428C2D286} : DHCPNameServer = 195.130.131.131 195.130.130.3
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\installer\AppData\Roaming\Mozilla\Firefox\Profiles\j95hg6o2.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\installer\AppData\Roaming\Mozilla\Firefox\Profiles\j95hg6o2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-03-09 20:16; {377e5d4d-77e5-476a-8716-7e70a9272da0}; C:\Users\installer\AppData\Roaming\Mozilla\Firefox\Profiles\j95hg6o2.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
FF - ExtSQL: 2013-03-09 20:17; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension
FF - ExtSQL: 2013-04-18 12:19; {e001c731-5e37-4538-a5cb-8168736a2360}; C:\Users\installer\AppData\Roaming\Mozilla\Firefox\Profiles\j95hg6o2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2012-3-20 32896]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-3-27 19224]
R0 MfeEpeOpal;MfeEpeOpal;C:\windows\System32\drivers\MfeEpeOpal.sys [2012-3-22 93640]
R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2012-3-22 158792]
R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2011-4-18 189440]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-25 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-29 701512]
R2 Sentinel64;Sentinel64;C:\windows\System32\drivers\sentinel64.sys [2012-12-4 145448]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2012-11-8 42816]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;C:\windows\System32\drivers\BtAudioBus.sys [2011-8-13 23104]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2012-3-26 14748416]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-3-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-3-27 789272]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2012-2-28 173656]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-11-29 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\drivers\netr28x.sys [2012-11-8 1874016]
R3 rtbth;RTBTH Bluetooth Device Driver;C:\windows\System32\drivers\rtbth.sys [2012-6-14 685152]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-4-16 648808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;C:\windows\System32\drivers\BtL2caScoIf.sys [2012-4-3 51776]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;C:\windows\System32\drivers\IvtUrbBtFlt.sys [2012-3-5 48320]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2012-1-31 64312]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-11-29 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\System32\drivers\MpNWMon.sys [2011-4-18 40832]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-28 84864]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-28 288272]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\windows\System32\drivers\SNTUSB64.SYS [2011-9-22 63528]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-11-30 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-3-29 235520]
S4 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [2012-12-4 81920]
S4 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2012-12-4 2736128]
S4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2012-2-1 477056]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-4 1436424]
S4 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-3-15 152992]
S4 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-10 86072]
S4 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-3-16 1420160]
S4 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-3-22 372824]
S4 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-3-14 365440]
S4 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2012-3-16 33560]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-16 13592]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-7 629984]
S4 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-11-8 128280]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-8 165144]
S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-3-22 1327104]
S4 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-4-16 1134584]
S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-11-8 117552]
S4 SentinelKeysServer;Sentinel Keys Server;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-9-22 374304]
S4 SentinelSecurityRuntime;Sentinel Security Runtime;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-9-22 292384]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S4 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-8-28 92632]
S4 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2012-11-8 498352]
S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-8 363800]
S4 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2012-3-20 2694224]
.
=============== File Associations ===============
.
ShellExec: acad.exe: open="C:\Program Files\Autodesk\AutoCAD 2011\acad.exe"
ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2013-04-18 10:19:24 -------- d-----w- C:\Users\installer\AppData\Roaming\QuickScan
2013-04-18 10:07:19 -------- d-----w- C:\Program Files\trend micro
2013-04-18 08:11:20 98816 ----a-w- C:\windows\sed.exe
2013-04-18 08:11:20 256000 ----a-w- C:\windows\PEV.exe
2013-04-18 08:11:20 208896 ----a-w- C:\windows\MBR.exe
2013-04-18 07:57:04 -------- d-----w- C:\Users\installer\AppData\Roaming\Malwarebytes
2013-04-18 07:36:51 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9086ADB8-4579-4FA1-8196-01D1BA3C1A14}\mpengine.dll
2013-04-15 07:16:01 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2013-04-11 15:55:02 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-11 06:23:53 3717632 ----a-w- C:\windows\System32\mstscax.dll
2013-03-26 07:30:44 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys
2013-03-25 14:01:06 -------- d-----w- C:\windows\pss
.
==================== Find3M ====================
.
2013-04-04 12:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-04-02 10:34:28 282744 ------w- C:\windows\System32\MpSigStub.exe
2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
2013-03-14 10:00:15 73432 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 10:00:15 693976 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-03-05 07:21:41 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-05 07:21:39 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-03-05 07:21:39 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-03-01 03:36:04 3153408 ----a-w- C:\windows\System32\win32k.sys
2013-02-22 06:27:49 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-02-22 06:20:51 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-02-22 06:19:37 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-02-22 06:15:48 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-02-22 06:15:23 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-02-22 06:12:41 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-02-22 03:46:00 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-02-15 06:08:40 44032 ----a-w- C:\windows\System32\tsgqec.dll
2013-02-15 06:02:26 158720 ----a-w- C:\windows\System32\aaclient.dll
2013-02-15 04:37:10 3217408 ----a-w- C:\windows\SysWow64\mstscax.dll
2013-02-15 04:34:10 131584 ----a-w- C:\windows\SysWow64\aaclient.dll
2013-02-15 03:25:51 36864 ----a-w- C:\windows\SysWow64\tsgqec.dll
2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-01-24 06:01:01 223752 ----a-w- C:\windows\System32\drivers\fvevol.sys
.
============= FINISH: 12:24:51,74 ===============
De volledige log van Combofix heb ik ook, maar die paste hier niet meer bij en is misschien ook niet nodig.
groeten
