ComboFix 15-01-22.02 - dannywintjens 22-01-2015  23:53:38.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.31.1043.18.32707.27667 [GMT 1:00]
Gestart vanuit: c:\users\dannywintjens\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\dannywintjens\23.txt
c:\users\dannywintjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bootcamp.exe.lnk
c:\users\dannywintjens\AppData\Roaming\poclbm120327GeForce GTX 680MXgv1w256l4.bin
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2014-12-22 to 2015-01-22  ))))))))))))))))))))))))))))))
.
.
2015-01-22 23:07 . 2015-01-22 23:07	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-01-21 23:33 . 2015-01-21 23:33	--------	d-----w-	c:\users\dannywintjens\AppData\Local\CrashRpt
2015-01-21 21:40 . 2015-01-21 21:40	--------	d-----w-	c:\programdata\Steam
2015-01-21 20:15 . 2015-01-21 20:15	--------	d-----w-	c:\users\dannywintjens\AppData\Local\Windows Live Writer
2015-01-21 20:15 . 2015-01-21 20:15	--------	d-----w-	c:\users\dannywintjens\AppData\Roaming\Windows Live Writer
2015-01-21 19:39 . 2015-01-21 19:39	--------	d-----w-	C:\2-click run
2015-01-21 19:19 . 2015-01-21 19:19	--------	d-----w-	c:\users\dannywintjens\AppData\Local\BridgeProject
2015-01-21 06:08 . 2014-12-02 10:26	11870360	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{752B09FD-C948-495A-9F19-E4A929A75AEA}\mpengine.dll
2015-01-20 01:57 . 2015-01-22 22:42	--------	d-----w-	C:\FRST
2015-01-20 01:12 . 2015-01-20 20:32	--------	d-----w-	c:\users\dannywintjens\AppData\Roaming\ZHP
2015-01-20 01:12 . 2015-01-20 01:12	--------	d-----w-	c:\program files (x86)\ZHPDiag
2015-01-19 21:27 . 2015-01-22 23:11	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-19 21:27 . 2015-01-19 21:27	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-19 21:27 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-01-19 21:27 . 2014-11-21 05:14	93400	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-01-19 21:27 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-01-19 20:10 . 2015-01-20 21:19	--------	d-----w-	C:\AdwCleaner
2015-01-19 19:01 . 2015-01-22 22:45	--------	d-----r-	c:\users\dannywintjens\Dropbox
2015-01-19 18:47 . 2015-01-19 13:09	24064	----a-w-	c:\windows\zoek-delete.exe
2015-01-19 18:46 . 2015-01-22 23:11	--------	d-----w-	c:\users\dannywintjens\AppData\Local\Temp
2015-01-19 04:20 . 2015-01-19 04:21	--------	d-----w-	C:\EEK
2015-01-18 15:36 . 2015-01-18 15:37	--------	d-----w-	c:\program files\trend micro
2015-01-15 20:21 . 2015-01-22 22:01	--------	d-----w-	c:\users\dannywintjens\AppData\Local\Replex64
2015-01-15 20:20 . 2015-01-15 20:20	--------	d-----w-	c:\program files\Replex
2015-01-14 19:03 . 2015-01-14 19:03	210432	----a-w-	c:\windows\system32\profsvc.dll
2015-01-14 19:03 . 2015-01-14 19:03	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2015-01-14 19:03 . 2015-01-14 19:03	52224	----a-w-	c:\windows\SysWow64\nlaapi.dll
2015-01-14 19:03 . 2015-01-14 19:03	303616	----a-w-	c:\windows\system32\nlasvc.dll
2015-01-14 19:03 . 2015-01-14 19:03	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2015-01-14 19:03 . 2015-01-14 19:03	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-01-14 19:02 . 2015-01-14 19:02	5553592	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-01-14 19:02 . 2015-01-14 19:02	503808	----a-w-	c:\windows\system32\srcore.dll
2015-01-14 19:02 . 2015-01-14 19:02	50176	----a-w-	c:\windows\system32\srclient.dll
2015-01-14 19:02 . 2015-01-14 19:02	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-01-14 19:02 . 2015-01-14 19:02	3971512	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-01-14 19:02 . 2015-01-14 19:02	3916728	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-01-14 19:02 . 2015-01-14 19:02	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-01-13 01:25 . 2015-01-13 01:26	--------	d-----w-	c:\program files\TAP-Windows
2015-01-13 01:25 . 2015-01-13 01:26	--------	d-----w-	c:\program files\OpenVPN
2015-01-02 13:06 . 2015-01-02 13:06	--------	d-----w-	c:\users\dannywintjens\AppData\Local\IsolatedStorage
2014-12-31 16:41 . 2014-12-31 17:18	--------	d-----w-	c:\users\dannywintjens\AppData\Local\Ubisoft Game Launcher
2014-12-31 16:40 . 2014-12-31 16:40	--------	d-----w-	c:\program files (x86)\Ubisoft
2014-12-30 09:17 . 2014-12-30 09:17	26528	----a-w-	c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2014-12-30 01:46 . 2014-12-30 01:46	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-30 01:46 . 2014-12-30 01:46	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-23 23:20 . 2014-12-23 23:20	165888	----a-w-	c:\windows\system32\charmap.exe
2014-12-23 23:20 . 2014-12-23 23:20	155136	----a-w-	c:\windows\SysWow64\charmap.exe
2014-12-23 23:18 . 2014-12-23 23:18	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-12-23 23:18 . 2014-12-23 23:18	2048	----a-w-	c:\windows\system32\tzres.dll
2014-12-23 23:18 . 2014-12-23 23:18	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-12-23 23:18 . 2014-12-23 23:18	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-12-23 23:18 . 2014-12-23 23:18	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-16 11:40 . 2014-01-17 13:31	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-16 11:40 . 2014-01-17 13:31	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-13 21:28 . 2014-10-04 17:08	32099472	----a-w-	c:\windows\system32\nvoglv64.dll
2015-01-13 21:28 . 2014-06-17 12:16	16040184	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-01-13 21:28 . 2014-08-20 19:20	14128496	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-01-13 21:28 . 2014-01-15 10:57	3293136	----a-w-	c:\windows\system32\nvapi64.dll
2015-01-06 03:36 . 2010-11-21 03:27	298120	------w-	c:\windows\system32\MpSigStub.exe
2014-12-20 08:18 . 2014-12-20 08:18	1876296	----a-w-	c:\windows\system32\nvdispco6434475.dll
2014-12-20 08:18 . 2014-12-20 08:18	1540424	----a-w-	c:\windows\system32\nvdispgenco6434475.dll
2014-12-13 08:03 . 2014-01-15 10:58	6859408	----a-w-	c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2014-01-15 10:58	3513488	----a-w-	c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2014-01-15 10:58	935240	----a-w-	c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2014-01-15 10:58	62608	----a-w-	c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2014-01-15 10:58	386368	----a-w-	c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2014-01-15 10:58	2558608	----a-w-	c:\windows\system32\nvsvcr.dll
2014-12-12 23:11 . 2014-06-17 12:17	4151176	----a-w-	c:\windows\system32\nvcoproc.bin
2014-12-12 02:21 . 2014-04-08 23:04	6656	----a-w-	c:\windows\system32\lpcio.dll
2014-12-09 22:21 . 2014-12-12 23:46	37184	----a-w-	c:\windows\system32\drivers\rzpmgrk.sys
2014-11-26 16:49 . 2014-11-26 16:49	358896	----a-w-	c:\windows\system32\drivers\iusb3hub.sys
2014-11-22 00:53 . 2014-03-20 17:28	1050432	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-11-21 14:37 . 2014-11-21 14:37	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-21 14:37 . 2014-11-21 14:37	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-21 14:37 . 2014-11-21 14:37	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-21 14:37 . 2014-11-21 14:37	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-21 14:37 . 2014-11-21 14:37	3241984	----a-w-	c:\windows\system32\msi.dll
2014-11-21 14:37 . 2014-11-21 14:37	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-11-21 14:36 . 2014-11-21 14:36	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2014-11-21 14:36 . 2014-11-21 14:36	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-11-21 14:36 . 2014-11-21 14:36	1882624	----a-w-	c:\windows\system32\msxml3.dll
2014-11-21 14:36 . 2014-11-21 14:36	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-11-21 14:36 . 2014-11-21 14:36	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-11-21 14:36 . 2014-11-21 14:36	683520	----a-w-	c:\windows\system32\termsrv.dll
2014-11-21 14:36 . 2014-11-21 14:36	681984	----a-w-	c:\windows\SysWow64\adtschema.dll
2014-11-21 14:36 . 2014-11-21 14:36	681984	----a-w-	c:\windows\system32\adtschema.dll
2014-11-21 14:36 . 2014-11-21 14:36	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-11-21 14:36 . 2014-11-21 14:36	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-11-21 14:36 . 2014-11-21 14:36	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2014-11-21 14:36 . 2014-11-21 14:36	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-11-21 14:36 . 2014-11-21 14:36	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-11-21 14:34 . 2014-11-21 14:34	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-11-21 14:34 . 2014-11-21 14:34	77824	----a-w-	c:\windows\system32\packager.dll
2014-11-21 14:34 . 2014-11-21 14:34	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-11-21 14:33 . 2014-11-21 14:33	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-11-21 14:33 . 2014-11-21 14:33	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-11-21 14:33 . 2014-11-21 14:33	680960	----a-w-	c:\windows\system32\audiosrv.dll
2014-11-21 14:33 . 2014-11-21 14:33	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-11-21 14:33 . 2014-11-21 14:33	442880	----a-w-	c:\windows\SysWow64\AUDIOKSE.dll
2014-11-21 14:33 . 2014-11-21 14:33	440832	----a-w-	c:\windows\system32\AudioEng.dll
2014-11-21 14:33 . 2014-11-21 14:33	374784	----a-w-	c:\windows\SysWow64\AudioEng.dll
2014-11-21 14:33 . 2014-11-21 14:33	296448	----a-w-	c:\windows\system32\AudioSes.dll
2014-11-21 14:33 . 2014-11-21 14:33	284672	----a-w-	c:\windows\system32\EncDump.dll
2014-11-21 14:33 . 2014-11-21 14:33	195584	----a-w-	c:\windows\SysWow64\AudioSes.dll
2014-11-21 14:32 . 2014-11-21 14:32	878080	----a-w-	c:\windows\system32\IMJP10K.DLL
2014-11-21 14:32 . 2014-11-21 14:32	701440	----a-w-	c:\windows\SysWow64\IMJP10K.DLL
2014-11-21 14:31 . 2014-11-21 14:31	86528	----a-w-	c:\windows\system32\TSpkg.dll
2014-11-21 14:31 . 2014-11-21 14:31	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2014-11-21 14:31 . 2014-11-21 14:31	342016	----a-w-	c:\windows\system32\schannel.dll
2014-11-21 14:31 . 2014-11-21 14:31	314880	----a-w-	c:\windows\system32\msv1_0.dll
2014-11-21 14:31 . 2014-11-21 14:31	309760	----a-w-	c:\windows\system32\ncrypt.dll
2014-11-21 14:31 . 2014-11-21 14:31	22016	----a-w-	c:\windows\system32\credssp.dll
2014-11-21 14:31 . 2014-11-21 14:31	210944	----a-w-	c:\windows\system32\wdigest.dll
2014-11-21 14:31 . 2014-11-21 14:31	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2014-11-21 14:31 . 2014-11-21 14:31	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2014-11-21 14:31 . 2014-11-21 14:31	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2014-11-21 14:31 . 2014-11-21 14:31	221184	----a-w-	c:\windows\SysWow64\ncrypt.dll
2014-11-21 14:31 . 2014-11-21 14:31	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2014-11-21 14:21 . 2014-11-21 14:21	792560	----a-w-	c:\windows\system32\drivers\iusb3xhc.sys
2014-11-21 14:21 . 2013-09-05 00:36	1538880	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-11-21 14:20 . 2014-11-21 14:20	96560	----a-w-	c:\windows\system32\SET948.tmp
2014-11-21 14:20 . 2014-11-21 14:20	10434256	----a-w-	c:\windows\system32\drivers\BCMWL664.SYS
2014-11-21 14:20 . 2014-11-21 14:20	3667968	----a-w-	c:\windows\system32\bcmihvui64.dll
2014-11-21 14:20 . 2014-11-21 14:20	4400640	----a-w-	c:\windows\system32\SET7F.tmp
2014-11-21 14:18 . 2014-10-04 17:08	31891784	----a-w-	c:\windows\system32\SETC23F.tmp
2014-11-21 14:18 . 2014-11-21 14:18	1876296	----a-w-	c:\windows\system32\nvdispco6434465.dll
2014-11-21 14:18 . 2014-11-21 14:18	1539272	----a-w-	c:\windows\system32\nvdispgenco6434465.dll
2014-11-21 14:18 . 2014-01-15 10:57	3238040	----a-w-	c:\windows\system32\SETB3F6.tmp
2014-11-21 12:52 . 2014-04-29 17:28	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-11-21 12:52 . 2014-03-20 17:28	116728	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-11-21 12:52 . 2014-03-20 17:28	436624	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-11-21 12:52 . 2014-03-20 17:28	267632	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-11-21 12:52 . 2014-03-20 17:28	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-11-21 12:52 . 2014-03-20 17:28	83280	----a-w-	c:\windows\system32\drivers\aswmonflt.sys
2014-11-21 12:52 . 2014-11-21 12:52	364512	----a-w-	c:\windows\system32\aswBoot.exe
2014-11-21 12:52 . 2014-03-20 17:28	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-11-21 12:52 . 2014-11-21 12:52	43152	----a-w-	c:\windows\avastSS.scr
2014-11-21 12:52 . 2014-04-01 14:40	28184	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2014-11-21 12:51 . 2014-11-21 12:51	449936	----a-w-	c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-19 04:31 . 2014-11-19 04:31	151552	----a-w-	c:\windows\SysWow64\nvRegDev.dll
2014-11-19 04:31 . 2014-11-19 04:31	61440	----a-w-	c:\windows\SysWow64\nvPhotoshopUtil.dll
2014-11-19 04:31 . 2014-11-19 04:31	40960	----a-w-	c:\windows\SysWow64\nvISWOW64.dll
2014-11-17 21:37 . 2014-12-12 23:46	129600	----a-w-	c:\windows\system32\drivers\rzpnk.sys
2014-11-05 13:16 . 2014-11-05 13:16	27136	----a-w-	c:\windows\system32\drivers\tap0901.sys
2014-11-01 21:47 . 2012-07-17 13:37	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-27 19:47 . 2014-04-05 12:53	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-05-23 09:21 . 2014-10-11 01:37	224	----a-w-	c:\program files (x86)\update-watchdogs.bat
2013-12-17 13:31 . 2014-11-04 00:22	224	----a-w-	c:\program files (x86)\update-walkingdead2.bat
2012-08-30 16:57 . 2014-11-04 00:18	81	----a-w-	c:\program files (x86)\update-walking-dead.bat
2009-12-06 09:18	26624	--sh--w-	c:\windows\bfcs2.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-11-01 21:44	223432	----a-w-	c:\users\dannywintjens\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-11-01 21:44	223432	----a-w-	c:\users\dannywintjens\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-11-01 21:44	223432	----a-w-	c:\users\dannywintjens\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-11-18 110160]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30872168]
"Advanced SystemCare 8"="c:\program files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" [2014-11-17 2425632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-20 3854640]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2014-10-13 1802048]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"="c:\program files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" [2014-11-17 2425632]
.
c:\users\dannywintjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-1-9 39206888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleODD;Apple ODD;c:\windows\system32\DRIVERS\AppleODD.sys;c:\windows\SYSNATIVE\DRIVERS\AppleODD.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp64.sys;c:\eek\bin\cleanhlp64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HideMyIpSRV;HideMyIpSRV;c:\program files (x86)\Hide My IP 6\HideMyIpSRV.exe;c:\program files (x86)\Hide My IP 6\HideMyIpSRV.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 Virtual Router;VirtualRouterService;c:\program files (x86)\Virtual Router\VirtualRouterService.exe;c:\program files (x86)\Virtual Router\VirtualRouterService.exe [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AppleHFS;AppleHFS; [x]
S0 AppleMNT;AppleMNT; [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\BIN\a2ddax64.sys;c:\eek\BIN\a2ddax64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [x]
S2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe;c:\windows\SYSNATIVE\AppleOSSMgr.exe [x]
S2 AppleTimeSrv;Apple tijdvoorziening;c:\windows\system32\AppleTimeSrv.exe;c:\windows\SYSNATIVE\AppleTimeSrv.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 KeyAgent;KeyAgent;c:\windows\system32\drivers\KeyAgent.sys;c:\windows\SYSNATIVE\drivers\KeyAgent.sys [x]
S2 MacHALDriver;Mac HAL;c:\windows\system32\drivers\MacHALDriver.sys;c:\windows\SYSNATIVE\drivers\MacHALDriver.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 PfFilter;PfFilter;c:\program files (x86)\IObit\Protected Folder\pffilter.sys;c:\program files (x86)\IObit\Protected Folder\pffilter.sys [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S3 acpials;ALS-sensorfilter;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 applebmt;Apple Wireless Mouse;c:\windows\system32\DRIVERS\applebmt.sys;c:\windows\SYSNATIVE\DRIVERS\applebmt.sys [x]
S3 AppleBtBc;Apple Broadcom Built-in Bluetooth;c:\windows\system32\DRIVERS\AppleBtBc.sys;c:\windows\SYSNATIVE\DRIVERS\AppleBtBc.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 CirrusFilter;CS420xLowerFilter;c:\windows\system32\DRIVERS\CS420x64.sys;c:\windows\SYSNATIVE\DRIVERS\CS420x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\DRIVERS\KeyMagic.sys;c:\windows\SYSNATIVE\DRIVERS\KeyMagic.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Inhoud van de 'Gedeelde Taken' map
.
2015-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17 11:40]
.
2015-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17 13:49]
.
2015-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17 13:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-01-13 20:05	2471744	----a-w-	c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-11-01 21:44	262344	----a-w-	c:\users\dannywintjens\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-11-01 21:44	262344	----a-w-	c:\users\dannywintjens\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-11-01 21:44	262344	----a-w-	c:\users\dannywintjens\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\dannywintjens\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-03-20 17:28	290888	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"="c:\program files\Boot Camp\Bootcamp.exe" [2014-01-31 746816]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;www.facebook.com;www.youtube.com;www.youtube.be;www.youtube.nl;<local>
IE: Formulieren Invullen - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Formulieren opslaan - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Menu aanpassen - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\users\dannywintjens\AppData\Roaming\Mozilla\Firefox\Profiles\c3sqde0w.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - ORPHANS VERWIJDERD - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
AddRemove-Autodesk Application Manager - c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\removeAdAppMgr.exe
AddRemove-ExpressBurn - c:\program files (x86)\NCH Software\ExpressBurn\expressburn.exe
AddRemove-Google Chrome - c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\setup.exe
AddRemove-MixPad - c:\program files (x86)\NCH Software\MixPad\mixpad.exe
AddRemove-Native Instruments Audio 2 DJ Driver - c:\programdata\{033B4844-E9C3-45D2-88D9-34DDF3F91100}\Audio 2 DJ Driver Setup PC.exe
AddRemove-Native Instruments Audio 4 DJ Driver - c:\programdata\{4682E4CB-7209-4099-8AA1-580ABCCCE731}\Audio 4 DJ Driver Setup PC.exe
AddRemove-Native Instruments Audio 8 DJ Driver - c:\programdata\{D2030082-F62A-402A-9456-8009276FD896}\Audio 8 DJ Driver Setup PC.exe
AddRemove-Native Instruments Controller Editor - c:\programdata\{95684022-A736-4575-ABB0-5B7388BB873D}\Controller Editor Setup PC.exe
AddRemove-Native Instruments Service Center - c:\programdata\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}\Service Center Setup PC.exe
AddRemove-Native Instruments Traktor 2 - c:\programdata\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}\Traktor 2 Setup PC.exe
AddRemove-Native Instruments Traktor Audio 10 Driver - c:\programdata\{5EE4F9B1-7274-48A2-9C25-C287604C3058}\Traktor Audio 10 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Audio 2 Driver - c:\programdata\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}\Traktor Audio 2 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Audio 6 Driver - c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}\Traktor Audio 6 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Kontrol F1 Driver - c:\programdata\{219191E6-6846-4329-889D-7956C487D9A6}\Traktor Kontrol F1 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Kontrol S2 Driver - c:\programdata\{9F570B21-E27A-40BE-A508-292899A7D042}\Traktor Kontrol S2 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Kontrol S2 MK2 Driver - c:\programdata\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}\Traktor Kontrol S2 MK2 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Kontrol S4 MK2 Driver - c:\programdata\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}\Traktor Kontrol S4 MK2 Driver Setup PC.exe
AddRemove-Native Instruments Traktor Kontrol X1 - c:\programdata\{BED8681D-E6A2-4463-8EEA-09588F09C890}\Traktor Kontrol X1 Setup PC.exe
AddRemove-Native Instruments Traktor Kontrol Z2 Driver - c:\programdata\{EB21323D-3F46-4EF0-B849-B096B7705C69}\Traktor Kontrol Z2 Driver Setup PC.exe
AddRemove-Prism - c:\program files (x86)\NCH Software\Prism\prism.exe
AddRemove-Switch - c:\program files (x86)\NCH Software\Switch\switch.exe
AddRemove-WavePad - c:\program files (x86)\NCH Software\WavePad\wavepad.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2480803176-3389462879-1122066420-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2480803176-3389462879-1122066420-1000)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
.
**************************************************************************
.
Voltooingstijd: 2015-01-23  00:16:44 - machine werd herstart
ComboFix-quarantined-files.txt  2015-01-22 23:16
.
Pre-Run: 112.873.500.672 bytes beschikbaar
Post-Run: 112.726.708.224 bytes beschikbaar
.
- - End Of File - - 4636E5E03C7BFDCFA865199482526A71
5FB38429D5D77768867C76DCBDB35194