ComboFix 14-10-24.01 - Gebruiker 25-10-2014 11:13:41.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8131.6200 [GMT 2:00]
Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
AV: Panda Antivirus Pro 2014 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
FW: Panda Personal Firewall 2014 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
SP: Panda Antivirus Pro 2014 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\users\Gebruiker\Desktop\Internet Explorer.lnk
c:\users\Gebruiker\Documents\DCSCMIN
c:\windows\capsys184523.log
c:\windows\windefendam.log
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2014-09-25 to 2014-10-25 ))))))))))))))))))))))))))))))
.
.
2014-10-24 19:34 . 2014-10-24 19:34 -------- d-----w- c:\program files (x86)\ESET
2014-10-24 18:03 . 2014-10-24 22:08 -------- d-----w- c:\users\Gebruiker\AppData\Local\Arma 3
2014-10-24 18:03 . 2014-10-24 18:03 -------- d-----w- c:\programdata\Bohemia Interactive
2014-10-24 17:53 . 2014-10-24 17:53 -------- d-----w- c:\windows\Migration
2014-10-23 17:33 . 2014-10-23 17:39 -------- d-----w- c:\users\Gebruiker\Heaven
2014-10-22 23:01 . 2014-10-22 23:05 -------- d-----w- c:\program files (x86)\ Borderlands The Pre-Sequel
2014-10-22 20:44 . 2014-10-22 19:15 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-22 20:44 . 2014-10-25 09:21 -------- d-----w- c:\users\Gebruiker\AppData\Local\Temp
2014-10-22 19:14 . 2014-10-22 19:14 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-21 12:37 . 2014-10-21 12:37 -------- d-----w- c:\programdata\Nexon
2014-10-21 12:21 . 2014-10-21 12:21 -------- d-----w- c:\program files (x86)\NEXON
2014-10-21 12:20 .
2014-10-21 12:21 136292055 ----a-w- c:\users\Gebruiker\Setup-4.bin 2014-10-21 12:15 . 2014-10-21 12:20 2000000000 ----a-w- c:\users\Gebruiker\Setup-3.bin 2014-10-21 12:09 . 2014-10-21 12:15 2000000000 ----a-w- c:\users\Gebruiker\Setup-2.bin 2014-10-21 12:04 . 2014-10-21 12:09 1999496704 ----a-w- c:\users\Gebruiker\Setup-1.bin 2014-10-21 12:03 . 2014-10-23 14:04 -------- d-----w- c:\users\Gebruiker\AppData\Local\Akamai 2014-10-17 18:05 . 2014-10-17 18:05 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\springlobby 2014-10-17 16:27 . 2014-10-17 16:27 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Mirillis 2014-10-17 16:27 . 2014-10-17 16:27 -------- d-----w- c:\programdata\Mirillis 2014-10-17 16:27 . 2014-10-17 16:27 -------- d-----w- c:\users\Gebruiker\AppData\Local\Mirillis 2014-10-17 16:27 . 2014-10-22 22:25 -------- d-----w- c:\program files (x86)\Mirillis 2014-10-07 16:50 . 2014-10-07 16:50 -------- d-----w- c:\program files\Oracle 2014-10-07 16:36 . 2014-09-09 15:29 910920 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2014-10-07 16:36 . 2014-09-09 15:27 129168 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2014-09-30 18:40 . 2014-09-30 18:40 -------- d-----w- c:\program files (x86)\SplitmediaLabs 2014-09-30 18:31 . 2014-09-30 18:35 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\OBS 2014-09-30 18:30 . 2014-09-30 18:30 -------- d-----w- c:\program files\OBS 2014-09-30 18:30 . 2014-09-30 18:30 -------- d-----w- c:\program files (x86)\OBS 2014-09-30 18:29 . 2014-09-30 18:29 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\SplitmediaLabs 2014-09-25 16:25 . 2014-09-25 16:25 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\LolClient 2014-09-25 15:40 . 2014-09-25 15:40 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-10-24 19:08 . 
2014-07-24 08:37 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin 2014-10-22 19:13 . 2014-01-28 11:50 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-10-21 15:58 . 2013-10-07 16:30 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2014-10-20 16:52 . 2014-09-16 14:55 76152 ----a-w- c:\windows\system32\PnkBstrA.exe 2014-10-20 16:52 . 2013-10-07 16:30 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2014-10-20 15:57 . 2013-10-07 16:30 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2014-10-04 06:42 . 2014-07-29 20:37 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2014-10-04 06:42 . 2013-12-27 22:19 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll 2014-10-04 06:41 . 2014-07-29 20:37 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll 2014-10-04 06:41 . 2013-12-27 22:19 2800296 ----a-w- c:\windows\system32\nvspcap64.dll 2014-10-01 13:38 . 2014-07-21 13:41 175136 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe 2014-09-24 15:01 . 2013-01-08 08:46 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-24 15:01 . 2013-01-08 08:46 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-09-14 11:21 . 2013-12-19 21:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2014-09-09 15:27 . 2014-09-09 15:27 142528 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2014-09-04 19:14 . 2014-09-24 16:56 38048 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2014-09-04 19:14 . 2014-09-24 16:56 32416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2014-09-04 19:14 . 2013-10-07 16:34 34976 ----a-w- c:\windows\system32\nvaudcap64v.dll 2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-08-23 18:43 . 2014-08-23 18:43 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll 2014-08-23 18:43 . 2014-08-23 18:43 100312 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys 2014-08-23 18:42 . 2014-08-23 18:42 941272 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2014-08-23 18:42 . 
2014-08-23 18:42 73800 ----a-w- c:\windows\system32\RtNicProp64.dll 2014-08-23 18:42 . 2013-01-05 11:01 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2014-08-23 18:41 . 2014-08-23 18:41 948952 ----a-w- c:\windows\system32\RCoInstII64.dll 2014-08-23 18:41 . 2014-08-23 18:41 947760 ----a-w- c:\windows\system32\SFSS_APO.dll 2014-08-23 18:41 . 2014-08-23 18:41 942384 ----a-w- c:\windows\system32\NAHIMICAPOSettingsIPC.dll 2014-08-23 18:41 . 2014-08-23 18:41 889592 ----a-w- c:\windows\system32\sl3apo64.dll 2014-08-23 18:41 . 2014-08-23 18:41 871856 ----a-w- c:\windows\system32\tossaeapo64.dll 2014-08-23 18:41 . 2014-08-23 18:41 75024 ----a-w- c:\windows\system32\R4EEG64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 724728 ----a-w- c:\windows\system32\sltech64.dll 2014-08-23 18:41 . 2014-08-23 18:41 7164176 ----a-w- c:\windows\system32\R4EEP64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 628952 ----a-w- c:\windows\system32\RtDataProc64.dll 2014-08-23 18:41 . 2014-08-23 18:41 60636160 ----a-w- c:\windows\system32\RCoRes64.dat 2014-08-23 18:41 . 2014-08-23 18:41 582056 ----a-w- c:\windows\system32\tosasfapo64.dll 2014-08-23 18:41 . 2014-08-23 18:41 434960 ----a-w- c:\windows\system32\R4EED64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 3962840 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys 2014-08-23 18:41 . 2014-08-23 18:41 2834648 ----a-w- c:\windows\system32\RtPgEx64.dll 2014-08-23 18:41 . 2014-08-23 18:41 2800344 ----a-w- c:\windows\system32\RltkAPO64.dll 2014-08-23 18:41 . 2014-08-23 18:41 246008 ----a-w- c:\windows\system32\slprp64.dll 2014-08-23 18:41 . 2014-08-23 18:41 2162992 ----a-w- c:\windows\system32\YamahaAE.dll 2014-08-23 18:41 . 2014-08-23 18:41 2117424 ----a-w- c:\windows\system32\SStudio.dll 2014-08-23 18:41 . 2014-08-23 18:41 2101848 ----a-w- c:\windows\system32\WavesGUILib64.dll 2014-08-23 18:41 . 2014-08-23 18:41 1959128 ----a-w- c:\windows\system32\RTSnMg64.cpl 2014-08-23 18:41 . 
2014-08-23 18:41 162224 ----a-w- c:\windows\system32\toseaeapo64.dll 2014-08-23 18:41 . 2014-08-23 18:41 141584 ----a-w- c:\windows\system32\R4EEL64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 1286872 ----a-w- c:\windows\system32\RTCOM64.dll 2014-08-23 18:41 . 2014-08-23 18:41 124176 ----a-w- c:\windows\system32\R4EEA64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 1048824 ----a-w- c:\windows\system32\slcnt64.dll 2014-08-23 18:41 . 2014-08-23 18:41 1022168 ----a-w- c:\windows\system32\RtkApi64.dll 2014-08-23 18:41 . 2014-08-23 18:41 5751048 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll 2014-08-23 18:41 . 2014-08-23 18:41 956504 ----a-w- c:\windows\system32\MaxxVoiceAPO2064.dll 2014-08-23 18:41 . 2014-08-23 18:41 906800 ----a-w- c:\windows\system32\MISS_APO.dll 2014-08-23 18:41 . 2014-08-23 18:41 900696 ----a-w- c:\windows\SysWow64\MaxxAudioAPOShell.dll 2014-08-23 18:41 . 2014-08-23 18:41 662784 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll 2014-08-23 18:41 . 2014-08-23 18:41 3959384 ----a-w- c:\windows\system32\MaxxAudioVnN64.dll 2014-08-23 18:41 . 2014-08-23 18:41 28343384 ----a-w- c:\windows\system32\MaxxAudioVnA64.dll 2014-08-23 18:41 . 2014-08-23 18:41 2041432 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll 2014-08-23 18:41 . 2014-08-23 18:41 1934424 ----a-w- c:\windows\system32\MaxxAudioRealtek264.dll 2014-08-23 18:41 . 2014-08-23 18:41 14863448 ----a-w- c:\windows\system32\MaxxAudioRealtek64.dll 2014-08-23 18:41 . 2014-08-23 18:41 1313904 ----a-w- c:\windows\system32\MaxxSpeechAPO64.dll 2014-08-23 18:41 . 2014-08-23 18:41 12894808 ----a-w- c:\windows\system32\MaxxVoiceAPO3064.dll 2014-08-23 18:41 . 2014-08-23 18:41 1063512 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll 2014-08-23 18:41 . 2014-08-23 18:41 1317976 ----a-w- c:\windows\system32\MaxxAudioAPO6064.dll 2014-08-23 18:41 . 2014-08-23 18:41 663296 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll 2014-08-23 18:41 . 2014-08-23 18:41 6218072 ----a-w- c:\windows\system32\DDPP64A.dll 2014-08-23 18:41 . 
2014-08-23 18:41 501184 ----a-w- c:\windows\system32\DTSU2PLFX64.dll 2014-08-23 18:41 . 2014-08-23 18:41 487360 ----a-w- c:\windows\system32\DTSU2PGFX64.dll 2014-08-23 18:41 . 2014-08-23 18:41 415680 ----a-w- c:\windows\system32\DTSU2PREC64.dll 2014-08-23 18:41 . 2014-08-23 18:41 33592 ----a-w- c:\windows\system32\audioLibVc.dll 2014-08-23 18:41 . 2014-08-23 18:41 315736 ----a-w- c:\windows\system32\DDPO64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 291488 ----a-w- c:\windows\system32\ICEsoundAPO64.dll 2014-08-23 18:41 . 2014-08-23 18:41 2770976 ----a-w- c:\windows\system32\FMAPO64.dll 2014-08-23 18:41 . 2014-08-23 18:41 261464 ----a-w- c:\windows\system32\DDPA64.dll 2014-08-23 18:41 . 2014-08-23 18:41 209096 ----a-w- c:\windows\system32\AERTAC64.dll 2014-08-23 18:41 . 2014-08-23 18:41 1939800 ----a-w- c:\windows\system32\DDPD64A.dll 2014-08-23 18:41 . 2014-08-23 18:41 1168472 ----a-w- c:\windows\system32\MaxxAudioAPO5064.dll 2014-08-23 18:41 . 2014-08-23 18:41 1136728 ----a-w- c:\windows\system32\MaxxAudioAPO4064.dll 2014-08-23 18:41 . 2014-08-23 18:41 113576 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll 2014-08-23 18:41 . 2014-08-23 18:41 109848 ----a-w- c:\windows\system32\AcpiServiceVnA64.dll 2014-08-21 09:34 . 2012-07-17 13:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-08-21 03:43 . 2014-09-14 03:05 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{93D3DC75-2D2A-4C13-A220-FA840F578B06}\mpengine.dll 2014-08-20 22:57 . 2014-08-20 22:57 14175744 ----a-w- c:\windows\system32\shell32.dll 2014-08-20 22:57 . 2014-08-20 22:57 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-08-20 22:57 . 2014-08-20 22:57 2048 ----a-w- c:\windows\system32\tzres.dll 2014-08-20 22:56 . 2014-08-20 22:56 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll 2014-08-20 22:56 . 2014-08-20 22:56 1216000 ----a-w- c:\windows\system32\rpcrt4.dll 2014-08-20 22:56 . 
2014-08-20 22:56 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2014-08-20 22:56 . 2014-08-20 22:56 504320 ----a-w- c:\windows\system32\msihnd.dll 2014-08-20 22:56 . 2014-08-20 22:56 337408 ----a-w- c:\windows\SysWow64\msihnd.dll 2014-08-20 22:56 . 2014-08-20 22:56 3241984 ----a-w- c:\windows\system32\msi.dll 2014-08-20 22:56 . 2014-08-20 22:56 2363392 ----a-w- c:\windows\SysWow64\msi.dll 2014-08-20 22:56 . 2014-08-20 22:56 1941504 ----a-w- c:\windows\system32\authui.dll 2014-08-20 22:56 . 2014-08-20 22:56 1805824 ----a-w- c:\windows\SysWow64\authui.dll 2014-08-20 22:56 . 2014-08-20 22:56 112064 ----a-w- c:\windows\system32\consent.exe 2014-08-20 22:55 . 2014-08-20 22:55 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2014-08-20 22:55 . 2014-08-20 22:55 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2014-08-20 22:55 . 2014-08-20 22:55 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2014-08-20 22:55 . 2014-08-20 22:55 8856 ----a-w- c:\windows\system32\icardres.dll 2014-08-20 22:55 . 2014-08-20 22:55 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-09-10 18:45 233128 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-09-10 18:45 233128 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-09-10 18:45 233128 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-30 2990304] "Spotify Web Helper"="c:\users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-10-08 1514040] "Akamai NetSession Interface"="c:\users\Gebruiker\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APVXDWIN"="c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE" [2013-09-30 1062880] "SCANINICIO"="c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe" [2013-09-30 71648] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-26 291608] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x] R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x] R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x] R3 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x] R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport 
Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x] R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x] R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x] R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x] S0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot64.sys;c:\windows\SYSNATIVE\Drivers\pavboot64.sys [x] S1 ShldFlt;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShldFlt.sys;c:\windows\SYSNATIVE\DRIVERS\ShldFlt.sys [x] S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm6460.sys;c:\windows\SYSNATIVE\DRIVERS\amm6460.sys [x] S2 APPFLT;App Filter 
Plugin;c:\windows\system32\Drivers\APPFLT64.SYS;c:\windows\SYSNATIVE\Drivers\APPFLT64.SYS [x] S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x] S2 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT64.SYS;c:\windows\SYSNATIVE\Drivers\DSAFLT64.SYS [x] S2 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetm64.SYS;c:\windows\SYSNATIVE\Drivers\fnetm64.SYS [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT64.SYS;c:\windows\SYSNATIVE\Drivers\IDSFLT64.SYS [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETTDI64.SYS;c:\windows\SYSNATIVE\Drivers\NETTDI64.SYS [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 PskSvcRetail;Panda PSK service;c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe;c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\PskSvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D 
Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT64.SYS;c:\windows\SYSNATIVE\Drivers\WNMFLT64.SYS [x] S3 clwvd6;CyberLink WebCam Virtual Driver 6.0 Service;c:\windows\system32\DRIVERS\clwvd6.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd6.sys [x] S3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\DRIVERS\n64i1644.sys;c:\windows\SYSNATIVE\DRIVERS\n64i1644.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys;c:\windows\SYSNATIVE\PavTPK.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x] . . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-18 22:37 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2014-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 15:01]
.
2014-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-13 15:56]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-13 15:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-10 18:45 260776 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-10 18:45 260776 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-10 18:45 260776 ----a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-03-20 6468712]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-04 2463552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 86.82.238.152:5128
uInternet Settings,ProxyOverride =
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.254
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-BattlEye for A2 - e:\steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-UnityWebPlayer - c:\users\Gebruiker\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va013] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va016] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0, b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:d6,87,5b,a7,2d,2b,cf,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,48,31,79,0a,19,90,47,87,93,18,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fb,48,31,79,0a,19,90,47,87,93,18,\ . [HKEY_USERS\S-1-5-21-223674675-785221109-3218615783-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-223674675-785221109-3218615783-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . 
[HKEY_USERS\S-1-5-21-223674675-785221109-3218615783-1000\Software\SecuROM\License information*] "datasecu"=hex:75,c1,48,e8,0e,9f,51,e7,a1,d5,48,cd,39,0b,80,4c,dd,05,90,4c,5d, 18,c3,24,56,99,55,e3,8b,25,18,6c,d9,92,88,31,a8,66,7c,07,1a,cc,7d,97,cf,6c,\ "rkeysecu"=hex:da,70,bd,dd,d8,83,a0,21,87,46,21,75,3e,48,e9,f4 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\TPSrvWow.exe
c:\program files (x86)\PANDA SECURITY\PANDA ANTIVIRUS PRO 2014\WebProxy.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\PavFnSvr.exe
c:\program files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe
c:\windows\system32\PnkBstrA.exe
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\Firewall\PSHOST.EXE
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\PsImSvc.exe
c:\program files (x86)\Panda Security\Panda Antivirus Pro 2014\AVENGINE.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2014-10-25 11:26:34 - machine werd herstart
ComboFix-quarantined-files.txt 2014-10-25 09:26
.
Pre-Run: 123.350.786.048 bytes beschikbaar
Post-Run: 123.155.345.408 bytes beschikbaar
.
- - End Of File - - 1C99E443FC4C9029769C6C7D9A829D6C
A36C5E4F47E84449FF07ED3517B43A31