ComboFix 12-09-07.03 - Tom 08/09/2012 15:11:32.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3956.2405 [GMT 2:00]
Gestart vanuit: c:\users\Tom\Desktop\ComboFix.exe
AV: BitDefender Antivirus *Enabled/Updated* {982ADE23-275B-0766-37C5-DE01A484098E}
FW: BitDefender Firewall *Enabled* {A0115F06-6D34-063E-1C9A-77345A574EF5}
SP: BitDefender Antispyware *Enabled/Updated* {234B3FC7-0161-08E8-0D75-E573DF034333}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-08 to 2012-09-08 ))))))))))))))))))))))))))))))
.
.
2012-09-08 13:21 . 2012-09-08 13:21 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-09-08 13:21 . 2012-09-08 13:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-04 09:32 . 2012-09-04 09:31 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-04 09:32 . 2012-09-04 09:31 289768 ----a-w- c:\windows\system32\javaws.exe
2012-09-04 09:32 . 2012-09-04 09:31 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-04 09:31 . 2012-09-04 09:31 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-04 09:31 . 2012-09-04 09:31 189416 ----a-w- c:\windows\system32\javaw.exe
2012-09-04 09:31 . 2012-09-04 09:31 188904 ----a-w- c:\windows\system32\java.exe
2012-09-04 09:31 . 2012-09-04 09:31 -------- d-----w- c:\program files\Java
2012-09-04 09:05 . 2012-09-04 09:05 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-08-16 11:08 . 2012-08-16 11:08 -------- d-----w- c:\windows\nl
2012-08-16 11:05 . 2012-08-16 11:05 -------- d-----w- c:\program files\Windows Live
2012-08-16 11:01 . 2012-08-16 11:01 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6cdc0b1e1cd7b9e01\DSETUP.dll
2012-08-16 11:01 . 2012-08-16 11:01 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6cdc0b1e1cd7b9e01\DXSETUP.exe
2012-08-16 11:01 . 2012-08-16 11:01 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6cdc0b1e1cd7b9e01\dsetup32.dll
2012-08-15 15:25 . 2012-08-15 15:25 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-08-15 15:24 . 2012-08-15 15:24 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-15 12:35 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 12:35 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 12:35 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 12:35 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 12:35 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 12:35 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 12:35 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 12:35 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 12:35 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 12:35 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 12:35 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 12:33 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-11 21:38 . 2012-08-11 21:38 -------- d-----w- c:\users\Tom\AppData\Roaming\TuneUp Software
2012-08-11 21:38 . 2012-08-11 21:39 -------- d-----w- c:\programdata\TuneUp Software
2012-08-11 21:38 . 2012-08-11 21:38 -------- d-s---w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-08-11 21:37 . 2012-08-11 21:37 -------- d-----w- c:\users\Tom\AppData\Roaming\OpenCandy
2012-08-11 21:37 . 2012-08-23 09:18 405152 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 18:11 . 2009-10-19 15:04 88144 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2012-08-15 15:24 . 2012-05-17 14:06 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-15 15:24 . 2010-08-23 10:40 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-15 13:40 . 2010-01-31 21:14 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-15 13:00 . 2012-07-04 21:59 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 13:00 . 2011-05-24 09:00 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-14 12:20 . 2012-07-14 12:20 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-07-14 12:20 . 2012-07-14 12:20 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-07-14 12:20 . 2012-07-14 12:20 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-07-14 12:20 . 2012-07-14 12:20 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-07-14 12:20 . 2012-07-14 12:20 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-07-14 12:20 . 2012-07-14 12:20 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-07-14 12:20 . 2012-07-14 12:20 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-07-14 12:20 . 2012-07-14 12:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-07-14 12:20 . 2012-07-14 12:20 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-07-14 12:20 . 2012-07-14 12:20 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-07-14 12:20 . 2012-07-14 12:20 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-07-14 12:20 . 2012-07-14 12:20 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-07-14 12:20 . 2012-07-14 12:20 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-07-14 12:20 . 2012-07-14 12:20 222208 ----a-w- c:\windows\system32\msls31.dll
2012-07-14 12:20 . 2012-07-14 12:20 197120 ----a-w- c:\windows\system32\msrating.dll
2012-07-14 12:20 . 2012-07-14 12:20 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-07-14 12:20 . 2012-07-14 12:20 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-07-14 12:20 . 2012-07-14 12:20 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-07-14 12:20 . 2012-07-14 12:20 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-07-14 12:20 . 2012-07-14 12:20 149504 ----a-w- c:\windows\system32\occache.dll
2012-07-14 12:20 . 2012-07-14 12:20 12288 ----a-w- c:\windows\system32\mshta.exe
2012-07-14 12:20 . 2012-07-14 12:20 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-07-14 12:20 . 2012-07-14 12:20 114176 ----a-w- c:\windows\system32\admparse.dll
2012-07-14 12:20 . 2012-07-14 12:20 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-07-14 12:20 . 2012-07-14 12:20 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-07-14 12:20 . 2012-07-14 12:20 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-07-14 12:20 . 2012-07-14 12:20 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-07-14 12:20 . 2012-07-14 12:20 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-07-14 12:20 . 2012-07-14 12:20 82432 ----a-w- c:\windows\system32\icardie.dll
2012-07-14 12:20 . 2012-07-14 12:20 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-07-14 12:20 . 2012-07-14 12:20 697344 ----a-w- c:\windows\system32\msfeeds.dll
2012-07-14 12:20 . 2012-07-14 12:20 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-07-14 12:20 . 2012-07-14 12:20 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-07-14 12:20 . 2012-07-14 12:20 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-07-14 12:20 . 2012-07-14 12:20 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-07-14 12:20 . 2012-07-14 12:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-07-14 12:20 . 2012-07-14 12:20 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-07-14 12:20 . 2012-07-14 12:20 448512 ----a-w- c:\windows\system32\html.iec
2012-07-14 12:20 . 2012-07-14 12:20 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-07-14 12:20 . 2012-07-14 12:20 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-07-14 12:20 . 2012-07-14 12:20 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-07-14 12:20 . 2012-07-14 12:20 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-14 12:20 . 2012-07-14 12:20 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-07-14 12:20 . 2012-07-14 12:20 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-07-14 12:20 . 2012-07-14 12:20 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-07-14 12:20 . 2012-07-14 12:20 160256 ----a-w- c:\windows\system32\wextract.exe
2012-07-14 12:20 . 2012-07-14 12:20 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-07-14 12:20 . 2012-07-14 12:20 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-07-14 12:20 . 2012-07-14 12:20 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-07-14 12:20 . 2012-07-14 12:20 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-07-14 12:20 . 2012-07-14 12:20 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-07-14 12:20 . 2012-07-14 12:20 103936 ----a-w- c:\windows\system32\inseng.dll
2012-07-12 21:20 . 2012-07-12 21:19 74195 ----a-w- C:\BdUninstallTool2012.07.12-11.19.15.reg
2012-07-03 11:46 . 2012-07-15 12:23 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-30 06:46 . 2012-07-30 10:22 95744 ----a-w- c:\windows\system32\pdfcmon.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-05 39408]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2011-05-03 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-10 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2010-01-18 181480]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-10 417792]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-12 103768]
"YouTubeDownloader_upgrade"="c:\program files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe" [2010-05-20 394240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2012-05-23 296056]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2011-1-20 576000]
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
Registration Prince of Persia Warrior Within.LNK - c:\program files (x86)\Ubisoft\Prince of Persia Warrior Within\Support\Register\RegistrationReminder.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodeMeter Control Center.lnk - c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [2010-6-30 6871440]
Online plug-in.lnk - c:\windows\Installer\{B8A2256E-6225-4D9E-B1C9-C26CA1E22FEB}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2010-3-4 73728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\Drivers\eusk2par-amd64.sys [2005-11-21 33792]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-07-22 40448]
R3 Arrakis3;BitDefender Arrakis-server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 278224]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-07 1436424]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-04 114144]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1255736]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2012-09-07 88144]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2012-09-07 89680]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 87600]
S1 MIPFSv364;MIPFSv364;c:\windows\system32\drivers\MIPFSv364.sys [2010-09-20 190504]
S1 MIPv464;MIPv464;c:\windows\system32\drivers\MIPv464.sys [2010-11-02 66680]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-10 202752]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-01-19 103944]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2010-06-30 2067344]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 FlexNET SCIA;FlexNET SCIA;c:\program files (x86)\SCIA\FlexNET\lmgrd.exe [2009-11-21 1334096]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-02-03 427192]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-01-29 163936]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-08-06 320040]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Inhoud van de 'Gedeelde Taken' map
.
2012-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-04 13:00]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30 13:34]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30 13:34]
.
2012-09-07 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-08-29 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-01-30 22:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-22 323072]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-11 349480]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-29 8312352]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-06 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"BitDefender Antiphishing Helper 32"="c:\program files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe" [2009-10-19 71152]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 76296]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2012-09-07 1702496]
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://isearch.avg.com/?cid={A5339C52-B8D5-4733-9207-E6D3F10E42BC}&mid=e6e1564f5e7d47d19de9d16f6b9d3d2c-4940c124ba3ea5841cdecf5f298b20d514eeb295&lang=nl&ds=st011&pr=sa&d=2012-03-07 16:03&v=10.0.0.7&sap=hp
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Tom\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\sd9czh3v.default\
FF - prefs.js: browser.startup.homepage - hxxp://by159w.bay159.mail.live.com/default.aspx
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10005&q=
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-761200818-1682720771-1100777243-1001\Software\SecuROM\License information*]
"datasecu"=hex:3b,41,47,b2,9f,83,06,cf,e8,31,98,a1,e6,01,ca,a6,24,82,96,6a,e4,
   6f,4c,b3,cf,36,ae,5a,36,f0,d1,71,c0,f9,be,d5,59,43,c0,2b,b0,ea,ca,33,81,6e,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\SCIA\FlexNET\SCIA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files (x86)\Citrix\ICA Client\ssonsvr.exe
.
**************************************************************************
.
Voltooingstijd: 2012-09-08 16:07:04 - machine werd herstart
ComboFix-quarantined-files.txt 2012-09-08 14:07
ComboFix2.txt 2012-07-13 00:05
.
Pre-Run: 318.379.298.816 bytes beschikbaar
Post-Run: 318.231.375.872 bytes beschikbaar
.
- - End Of File - - B17188F3ACB07AA328ECE5A67CABAE63