ComboFix 14-08-12.01 - Gebruiker 12-08-2014 17:19:03.1.4 - x64 Gestart vanuit: f:\downloads\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe c:\users\Gebruiker\AppData\Roaming\Gebruikerlog.dat c:\windows\XSxS . . (((((((((((((((((((( Bestanden Gemaakt van 2014-07-12 to 2014-08-12 )))))))))))))))))))))))))))))) . . 2014-08-12 15:24 . 2014-08-12 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-08-12 14:15 . 2014-08-12 14:15 -------- d-----w- c:\programdata\Oracle 2014-08-12 14:15 . 2014-08-12 14:15 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-08-12 14:14 . 2014-08-12 14:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{163E188A-08A2-453F-82E8-EDFF8238005C}\offreg.dll 2014-08-12 07:42 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{163E188A-08A2-453F-82E8-EDFF8238005C}\mpengine.dll 2014-08-11 18:21 . 2014-08-12 07:57 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-08-11 18:20 . 2014-08-11 18:23 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2014-08-11 18:20 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-08-11 18:20 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-08-11 18:20 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-08-11 13:48 . 2014-08-11 13:48 -------- d-----w- C:\rsit 2014-07-31 08:55 . 2014-07-31 08:34 24064 ----a-w- c:\windows\zoek-delete.exe 2014-07-31 08:55 . 2014-08-12 15:24 -------- d-----w- c:\users\Gebruiker\AppData\Local\Temp 2014-07-31 06:06 . 2014-08-12 07:38 -------- d-----w- c:\windows\system32\wbem\repository 2014-07-28 12:56 . 2014-07-28 12:56 -------- d-----w- C:\MGADiagToolOutput 2014-07-28 12:55 . 2014-07-28 12:55 -------- d-----w- c:\programdata\Office Genuine Advantage . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-07-09 09:56 . 2012-11-01 16:18 96441528 ----a-w- c:\windows\system32\MRT.exe 2014-06-30 02:09 . 2014-07-09 06:49 519168 ----a-w- c:\windows\system32\aepdu.dll 2014-06-30 02:04 . 2014-07-09 06:49 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-06-20 20:14 . 2014-07-09 06:49 266424 ----a-w- c:\windows\system32\iedkcs32.dll 2014-06-19 01:39 . 2014-07-09 06:49 23464448 ----a-w- c:\windows\system32\mshtml.dll 2014-06-19 01:06 . 2014-07-09 06:49 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-06-19 01:06 . 2014-07-09 06:49 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2014-06-19 00:48 . 2014-07-09 06:49 2768384 ----a-w- c:\windows\system32\iertutil.dll 2014-06-19 00:42 . 2014-07-09 06:49 548352 ----a-w- c:\windows\system32\vbscript.dll 2014-06-19 00:42 . 2014-07-09 06:49 66048 ----a-w- c:\windows\system32\iesetup.dll 2014-06-19 00:41 . 2014-07-09 06:49 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2014-06-19 00:41 . 2014-07-09 06:49 83968 ----a-w- c:\windows\system32\MshtmlDac.dll 2014-06-19 00:32 . 2014-07-09 06:49 51200 ----a-w- c:\windows\system32\jsproxy.dll 2014-06-19 00:31 . 2014-07-09 06:49 33792 ----a-w- c:\windows\system32\iernonce.dll 2014-06-19 00:26 . 2014-07-09 06:49 598016 ----a-w- c:\windows\system32\ieui.dll 2014-06-19 00:24 . 2014-07-09 06:49 139264 ----a-w- c:\windows\system32\ieUnatt.exe 2014-06-19 00:24 . 2014-07-09 06:49 111616 ----a-w- c:\windows\system32\ieetwcollector.exe 2014-06-19 00:23 . 2014-07-09 06:49 752640 ----a-w- c:\windows\system32\jscript9diag.dll 2014-06-19 00:14 . 2014-07-09 06:49 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2014-06-19 00:09 . 2014-07-09 06:49 452608 ----a-w- c:\windows\system32\dxtmsft.dll 2014-06-18 23:59 . 2014-07-09 06:49 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2014-06-18 23:56 . 2014-07-09 06:49 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-06-18 23:53 . 2014-07-09 06:49 195584 ----a-w- c:\windows\system32\msrating.dll 2014-06-18 23:51 . 2014-07-09 06:49 5721088 ----a-w- c:\windows\system32\jscript9.dll 2014-06-18 23:50 . 2014-07-09 06:49 85504 ----a-w- c:\windows\system32\mshtmled.dll 2014-06-18 23:48 . 2014-07-09 06:49 292864 ----a-w- c:\windows\system32\dxtrans.dll 2014-06-18 23:39 . 2014-07-09 06:49 608768 ----a-w- c:\windows\system32\ie4uinit.exe 2014-06-18 23:38 . 2014-07-09 06:49 455168 ----a-w- c:\windows\SysWow64\vbscript.dll 2014-06-18 23:37 . 2014-07-09 06:49 61952 ----a-w- c:\windows\SysWow64\iesetup.dll 2014-06-18 23:36 . 2014-07-09 06:49 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2014-06-18 23:35 . 2014-07-09 06:49 62464 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2014-06-18 23:33 . 2014-07-09 06:49 631808 ----a-w- c:\windows\system32\msfeeds.dll 2014-06-18 23:27 . 2014-07-09 06:49 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll 2014-06-18 23:27 . 2014-07-09 06:49 2040832 ----a-w- c:\windows\system32\inetcpl.cpl 2014-06-18 23:23 . 2014-07-09 06:49 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2014-06-18 23:22 . 2014-07-09 06:49 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2014-06-18 23:06 . 2014-07-09 06:49 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2014-06-18 22:58 . 2014-07-09 06:49 2266112 ----a-w- c:\windows\system32\wininet.dll 2014-06-18 22:52 . 2014-07-09 06:49 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll 2014-06-18 22:51 . 2014-07-09 06:49 13527040 ----a-w- c:\windows\system32\ieframe.dll 2014-06-18 22:46 . 2014-07-09 06:49 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2014-06-18 22:45 . 2014-07-09 06:49 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2014-06-18 22:34 . 2014-07-09 06:49 1393664 ----a-w- c:\windows\system32\urlmon.dll 2014-06-18 22:15 . 2014-07-09 06:49 846336 ----a-w- c:\windows\system32\ieapfltr.dll 2014-06-18 22:13 . 2014-07-09 06:49 1791488 ----a-w- c:\windows\SysWow64\wininet.dll 2014-06-18 02:18 . 2014-07-09 06:49 692736 ----a-w- c:\windows\system32\osk.exe 2014-06-18 01:51 . 2014-07-09 06:49 646144 ----a-w- c:\windows\SysWow64\osk.exe 2014-06-18 01:10 . 2014-07-09 06:49 3157504 ----a-w- c:\windows\system32\win32k.sys 2014-06-10 10:39 . 2014-02-15 11:05 92768 ----a-w- c:\windows\system32\drivers\klflt.sys 2014-06-10 10:39 . 2014-02-15 11:05 628288 ----a-w- c:\windows\system32\drivers\klif.sys 2014-06-06 10:10 . 2014-07-09 06:49 624128 ----a-w- c:\windows\system32\qedit.dll 2014-06-06 09:44 . 2014-07-09 06:49 509440 ----a-w- c:\windows\SysWow64\qedit.dll 2014-06-05 14:45 . 2014-07-09 06:48 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-06-05 14:26 . 2014-07-09 06:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-06-05 14:25 . 2014-07-09 06:48 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-05-30 08:08 . 2014-07-09 06:49 210944 ----a-w- c:\windows\system32\wdigest.dll 2014-05-30 08:08 . 2014-07-09 06:49 86528 ----a-w- c:\windows\system32\TSpkg.dll 2014-05-30 08:08 . 2014-07-09 06:49 340992 ----a-w- c:\windows\system32\schannel.dll 2014-05-30 08:08 . 2014-07-09 06:49 314880 ----a-w- c:\windows\system32\msv1_0.dll 2014-05-30 08:08 . 2014-07-09 06:49 307200 ----a-w- c:\windows\system32\ncrypt.dll 2014-05-30 08:08 . 2014-07-09 06:49 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-05-30 08:08 . 2014-07-09 06:49 22016 ----a-w- c:\windows\system32\credssp.dll 2014-05-30 07:52 . 2014-07-09 06:49 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2014-05-30 07:52 . 2014-07-09 06:49 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2014-05-30 07:52 . 2014-07-09 06:49 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2014-05-30 07:52 . 2014-07-09 06:49 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll 2014-05-30 07:52 . 2014-07-09 06:49 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2014-05-30 07:52 . 2014-07-09 06:49 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-05-30 07:52 . 2014-07-09 06:49 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2014-05-30 06:45 . 2014-07-09 06:49 497152 ----a-w- c:\windows\system32\drivers\afd.sys 2014-05-20 02:44 . 2014-05-26 15:39 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll 2014-05-20 02:44 . 2014-05-26 15:39 895776 ----a-w- c:\windows\system32\NvIFR64.dll 2014-05-20 02:44 . 2014-05-26 15:39 892704 ----a-w- c:\windows\system32\NvFBC64.dll 2014-05-20 02:44 . 2014-05-26 15:39 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll 2014-05-20 02:44 . 2014-05-26 15:39 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll 2014-05-20 02:44 . 2014-05-26 15:39 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2014-05-20 02:44 . 2014-05-26 15:39 354016 ----a-w- c:\windows\system32\nvoglshim64.dll 2014-05-20 02:44 . 2014-05-26 15:39 31520 ----a-w- c:\windows\system32\nvhdap64.dll 2014-05-20 02:44 . 2014-05-26 15:39 31387936 ----a-w- c:\windows\system32\nvoglv64.dll 2014-05-20 02:44 . 2014-05-26 15:39 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll 2014-05-20 02:44 . 2014-05-26 15:39 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2014-05-20 02:44 . 2014-05-26 15:39 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2014-05-20 02:44 . 2014-05-26 15:39 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll 2014-05-20 02:44 . 2014-05-26 15:39 166568 ----a-w- c:\windows\system32\nvinitx.dll 2014-05-20 02:44 . 2014-05-26 15:39 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2014-05-20 02:44 . 2014-05-26 15:39 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll 2014-05-20 02:44 . 2014-05-26 15:39 146480 ----a-w- c:\windows\SysWow64\nvinit.dll 2014-05-20 02:44 . 2014-05-26 15:39 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2014-05-20 02:44 . 2014-05-26 15:39 11599072 ----a-w- c:\windows\system32\nvopencl.dll 2014-05-20 02:44 . 2014-05-26 15:39 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll 2014-05-20 02:44 . 2014-05-26 15:39 3141976 ----a-w- c:\windows\system32\nvcuvid.dll 2014-05-20 02:44 . 2014-05-26 15:39 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2014-05-20 02:44 . 2014-05-26 15:39 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll 2014-05-20 02:44 . 2014-05-26 15:39 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll 2014-05-20 02:44 . 2014-05-26 15:39 25256224 ----a-w- c:\windows\system32\nvcompiler.dll 2014-05-20 02:44 . 2014-05-26 15:39 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2014-05-20 02:44 . 2014-05-26 15:39 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2014-05-20 02:44 . 2014-05-26 15:39 11644928 ----a-w- c:\windows\system32\nvcuda.dll 2014-05-20 02:44 . 2013-04-13 16:14 1515296 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2014-05-20 02:44 . 2013-02-25 22:32 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-04-24 17:26 223432 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-04-24 17:26 223432 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-04-24 17:26 223432 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon] @="{dd230880-495a-11d1-b064-008048ec2fc5}" [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}] 2014-04-23 14:44 458944 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-08-16 2736128] "DAEMON Tools Lite"="f:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "72FE543E55C56A623C5B190740454A8A8B79F232._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-07-15 860488] "Spotify Web Helper"="c:\users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-20 1176632] "GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-07-15 860488] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "MDS_Menu"="c:\program files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-12-15 103720] "LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-11-03 27760] "UnlockerAssistant"="f:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448] "IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] "TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe" [2008-09-10 90112] "PowerDVD13Agent"="f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe" [2013-07-05 517144] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2013-09-05 3478392] "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-11-28 356128] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe;f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [x] R2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe;f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [x] R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys;c:\windows\SYSNATIVE\DRIVERS\CSCrySec.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x] S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys;c:\windows\SYSNATIVE\DRIVERS\CSVirtualDiskDrv.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2013/10/14 13:09];f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Common\NavFilter\000.fcl;f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Common\NavFilter\000.fcl [x] S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [x] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 WlanWpsSvc;WlanWpsSvc;c:\program files (x86)\Thomson\TG122n\WlanWpsSvc.exe;c:\program files (x86)\Thomson\TG122n\WlanWpsSvc.exe [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-08-16 12:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-07-17 16:22 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2014-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-04 13:02] . 2014-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-02 15:38] . 2014-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-02 15:38] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-04-24 17:26 262344 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-04-24 17:26 262344 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-04-24 17:26 262344 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon] @="{dd230880-495a-11d1-b064-008048ec2fc5}" [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}] 2014-04-23 14:44 491200 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-27 11660904] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-03-20 1797064] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "f:\program files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll" [2010-03-24 633200] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.nl/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Toevoegen aan Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm TCP: DhcpNameServer = 192.168.2.254 . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKLM-Run-UpdateLBPShortCut - c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UpdateP2GoShortCut - c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UpdatePPShortCut - c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UpdatePSTShortCut - c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run- - (no file) ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) AddRemove-ObjectDock Plus 2 - c:\programdata\{0F4A7EFE-5950-4389-BF36-1E625D72456B}\shareware.exe AddRemove-{69d72156-6582-4556-8637-06f40aa7f85b} - c:\programdata\Package Cache\{69d72156-6582-4556-8637-06f40aa7f85b}\ImageResizerSetup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{09F57980-3432-4AFC-957D-27AC45FAE1F5}] "ImagePath"="\??\f:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13\Common\NavFilter\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2014-08-12 17:25:55 ComboFix-quarantined-files.txt 2014-08-12 15:25 . Pre-Run: 915.638.353.920 bytes beschikbaar Post-Run: 915.505.876.992 bytes beschikbaar . - - End Of File - - 16D319961A61FE5FB11D935D6A8543FE A36C5E4F47E84449FF07ED3517B43A31