ComboFix 16-07-10.01 - pinky 12/07/2016 11:04:49.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.11254.9089 [GMT 2:00]
Gestart vanuit: c:\users\pinky\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\pinky\AppData\Roaming\.#
c:\users\pinky\AppData\Roaming\Microsoft\~DFK37fe7313.tmp
c:\users\pinky\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\pinky\AppData\Roaming\Microsoft\bass.dll
c:\users\pinky\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\pinky\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\pinky\AppData\Roaming\Microsoft\peaadje.dll
c:\users\pinky\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\pinky\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\pinky\AppData\Roaming\Roaming
c:\users\pinky\AppData\Roaming\Roaming\HoldemManager\config\PokerstarsZoomTables.xml
c:\windows\desktop
c:\windows\desktop\Akai Converter V1.0.lnk
c:\windows\msdownld.tmp
c:\windows\SysWow64\ccrpTmr6.dll
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\hookdll.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2016-06-12 to 2016-07-12 ))))))))))))))))))))))))))))))
.
.
2016-07-12 11:35 . 2016-07-12 11:35 -------- d-----w- C:\found.001
2016-07-12 09:19 . 2016-07-12 09:19 -------- d-----w- c:\users\postgres\AppData\Local\temp
2016-07-10 23:47 . 2016-07-10 23:47 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E59D2A60-01FF-4DAE-8E2A-F803DFB8E9E8}\offreg.692.dll
2016-07-10 16:13 . 2016-07-10 16:13 -------- d-----w- C:\zoek_backup
2016-07-08 15:50 . 2016-07-08 15:50 -------- d-----w- C:\rsit
2016-07-08 15:50 . 2016-07-08 15:50 -------- d-----w- c:\program files\trend micro
2016-07-06 23:57 . 2016-07-06 23:57 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E59D2A60-01FF-4DAE-8E2A-F803DFB8E9E8}\offreg.956.dll
2016-07-02 00:33 . 2016-07-09 20:33 -------- d-----w- c:\programdata\ProductData
2016-07-02 00:31 . 2016-07-02 00:31 -------- d-----w- c:\users\pinky\AppData\Roaming\ProductData
2016-07-02 00:30 . 2016-07-02 00:30 -------- d-----w- c:\programdata\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-07-02 00:30 . 2016-07-02 03:56 -------- d-----w- c:\program files (x86)\Common Files\IObit
2016-07-02 00:30 . 2016-07-02 00:44 -------- d-----w- c:\users\pinky\AppData\Roaming\IObit
2016-07-02 00:30 . 2016-07-02 00:36 -------- d-----w- c:\programdata\IObit
2016-07-02 00:30 . 2016-07-02 00:30 -------- d-----w- c:\program files (x86)\IObit
2016-06-30 18:01 . 2016-06-30 18:01 -------- d-----w- c:\users\pinky\AppData\Local\Intel
2016-06-30 18:01 . 2015-06-04 11:33 21984 ----a-w- c:\windows\system32\drivers\semav6msr64.sys
2016-06-30 18:01 . 2016-06-30 18:01 -------- d-----w- c:\programdata\Intel
2016-06-29 19:59 . 2016-06-29 19:59 -------- d-----w- c:\program files\ESEA
2016-06-28 15:27 . 2016-05-04 02:23 129824 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2016-06-28 15:27 . 2016-05-04 02:22 40224 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2016-06-28 15:27 . 2016-05-04 02:22 130848 ----a-w- c:\windows\system32\vulkan-1.dll
2016-06-28 15:27 . 2016-05-04 02:22 45344 ----a-w- c:\windows\system32\vulkaninfo.exe
2016-06-18 02:55 . 2016-06-18 02:55 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E59D2A60-01FF-4DAE-8E2A-F803DFB8E9E8}\offreg.556.dll
2016-06-14 12:30 . 2016-06-14 12:30 -------- d-----w- c:\program files (x86)\Common Files\Skype
2016-06-14 00:07 . 2016-06-14 00:07 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E59D2A60-01FF-4DAE-8E2A-F803DFB8E9E8}\offreg.808.dll
2016-06-13 15:21 . 2016-06-13 15:21 -------- d-----w- c:\program files\Windows Portable Devices
2016-06-13 15:21 . 2016-06-13 15:21 -------- d-----w- c:\program files (x86)\Windows Portable Devices
2016-06-13 15:20 . 2009-10-01 01:02 30208 ----a-w- c:\windows\SysWow64\WPDShextAutoplay.exe
2016-06-13 15:20 . 2009-10-01 00:52 34816 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2016-06-13 15:20 . 2009-10-01 00:51 37888 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2016-06-13 15:20 . 2009-10-01 00:51 107008 ----a-w- c:\windows\system32\wpdbusenum.dll
2016-06-13 15:20 . 2009-10-01 00:56 2560 ----a-w- c:\windows\system32\drivers\UMDF\nl-NL\wpdmtpdr.dll.mui
2016-06-13 15:18 . 2016-03-10 17:07 501760 ----a-w- c:\windows\SysWow64\kerberos.dll
2016-06-13 15:18 . 2016-03-10 16:43 660480 ----a-w- c:\windows\system32\kerberos.dll
2016-06-13 15:18 . 2015-09-02 21:26 1402368 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-06-13 15:18 . 2015-09-02 21:26 1796096 ----a-w- c:\windows\system32\msxml6.dll
2016-06-13 15:17 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2016-06-13 15:17 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2016-06-13 15:17 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2016-06-13 15:17 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2016-06-13 15:17 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
2016-06-13 15:17 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2016-06-13 15:17 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2016-06-13 15:17 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2016-06-13 15:16 . 2016-03-17 19:00 152064 ----a-w- c:\windows\system32\mtxoci.dll
2016-06-13 15:16 . 2016-03-17 17:45 105472 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-06-13 15:16 . 2016-03-17 17:45 180224 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-06-13 15:16 . 2016-03-17 17:45 290816 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2016-06-13 15:15 . 2009-09-10 02:05 103424 ----a-w- c:\windows\system32\UIAnimation.dll
2016-06-13 15:15 . 2009-09-10 02:00 92672 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2016-06-13 15:15 . 2009-09-10 02:07 3815424 ----a-w- c:\windows\system32\UIRibbon.dll
2016-06-13 15:15 . 2009-09-10 02:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2016-06-13 15:15 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2016-06-13 15:15 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2016-06-13 15:15 . 2016-03-09 16:57 15872 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2016-06-13 15:15 . 2016-03-09 16:40 18432 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-10 16:18 . 2015-08-01 20:03 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-16 17:42 . 2012-08-03 07:40 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-06-16 17:42 . 2012-08-03 07:40 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-13 00:07 . 2016-06-10 23:49 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E59D2A60-01FF-4DAE-8E2A-F803DFB8E9E8}\offreg.544.dll
2016-05-27 12:01 . 2016-06-10 17:59 11895896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E59D2A60-01FF-4DAE-8E2A-F803DFB8E9E8}\mpengine.dll
2016-05-13 16:15 . 2015-07-27 21:57 228712 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2016-05-13 16:15 . 2015-04-03 04:06 74544 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2016-05-13 16:15 . 2015-04-03 04:06 287528 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-05-13 16:15 . 2016-05-13 16:17 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-05-13 16:15 . 2015-04-03 04:05 465792 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-05-13 16:15 . 2015-04-03 04:05 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-05-13 16:15 . 2015-04-03 04:05 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-05-13 16:15 . 2015-04-03 04:05 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-05-13 16:15 . 2015-04-03 04:05 74032 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2016-05-13 16:14 . 2016-05-13 16:14 52184 ----a-w- c:\windows\avastSS.scr
2016-05-13 16:13 . 2015-04-03 04:05 1070904 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-05-13 16:13 . 2016-05-13 16:17 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-05-11 16:55 . 2006-11-02 12:35 139319312 ----a-w- c:\windows\system32\mrt.exe
2016-05-10 19:49 . 2016-05-10 19:49 20832 ----a-w- c:\windows\system32\drivers\ddcdrv.sys
2016-05-10 19:49 . 2016-05-10 19:49 155528 ----a-w- c:\windows\system32\DDCHELPER.dll
2016-05-10 04:07 . 2016-01-09 21:31 3286664 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-05-09 23:40 . 2015-11-20 16:42 2993088 ----a-w- c:\windows\system32\nvsvc64.dll
2016-05-09 23:40 . 2015-11-20 16:42 6369728 ----a-w- c:\windows\system32\nvcpl.dll
2016-05-09 23:40 . 2016-01-09 21:33 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-05-09 23:40 . 2016-01-09 21:33 532536 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-05-09 23:40 . 2015-11-20 16:42 71224 ----a-w- c:\windows\system32\nvshext.dll
2016-05-09 23:40 . 2015-11-20 16:42 392128 ----a-w- c:\windows\system32\nvmctray.dll
2016-05-09 23:40 . 2015-11-20 16:42 2563128 ----a-w- c:\windows\system32\nvsvcr.dll
2016-05-09 23:40 . 2015-11-20 16:42 1201600 ----a-w- c:\windows\system32\nvvsvc.exe
2016-05-06 14:02 . 2015-11-20 16:42 6423191 ----a-w- c:\windows\system32\nvcoproc.bin
2016-05-05 20:08 . 2015-04-20 16:50 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-05-04 02:23 . 2016-05-04 02:23 129824 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-11-1.dll
2016-05-04 02:22 . 2016-05-04 02:22 40224 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
2016-05-04 02:22 . 2016-05-04 02:22 130848 ----a-w- c:\windows\system32\vulkan-1-1-0-11-1.dll
2016-05-04 02:22 . 2016-05-04 02:22 45344 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-11-1.exe
2016-04-27 14:35 . 2016-05-04 11:00 1924152 ----a-w- c:\windows\system32\nvdispco6436510.dll
2016-04-27 14:35 . 2016-05-04 11:00 1571776 ----a-w- c:\windows\system32\nvdispgenco6436510.dll
2016-04-23 17:33 . 2016-05-11 15:58 17974784 ----a-w- c:\windows\system32\mshtml.dll
2016-04-23 17:30 . 2016-05-11 15:58 448512 ----a-w- c:\windows\system32\html.iec
2016-04-23 17:30 . 2016-05-11 15:58 10888192 ----a-w- c:\windows\system32\ieframe.dll
2016-04-23 17:30 . 2016-05-11 15:58 2265600 ----a-w- c:\windows\system32\jscript9.dll
2016-04-23 17:29 . 2016-05-11 15:58 1295872 ----a-w- c:\windows\system32\wininet.dll
2016-04-23 17:29 . 2016-05-11 15:58 1300480 ----a-w- c:\windows\system32\urlmon.dll
2016-04-23 17:29 . 2016-05-11 15:58 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2016-04-23 17:29 . 2016-05-11 15:58 887296 ----a-w- c:\windows\system32\jscript.dll
2016-04-23 17:29 . 2016-05-11 15:58 234496 ----a-w- c:\windows\system32\url.dll
2016-04-23 17:29 . 2016-05-11 15:58 81408 ----a-w- c:\windows\system32\jsproxy.dll
2016-04-23 17:29 . 2016-05-11 15:58 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2016-04-23 17:29 . 2016-05-11 15:58 524288 ----a-w- c:\windows\system32\vbscript.dll
2016-04-23 17:29 . 2016-05-11 15:58 724992 ----a-w- c:\windows\system32\msfeeds.dll
2016-04-23 17:29 . 2016-05-11 15:58 2129920 ----a-w- c:\windows\system32\iertutil.dll
2016-04-23 17:29 . 2016-05-11 15:58 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2016-04-23 17:29 . 2016-05-11 15:58 269312 ----a-w- c:\windows\system32\dxtrans.dll
2016-04-23 17:29 . 2016-05-11 15:58 95744 ----a-w- c:\windows\system32\mshtmled.dll
2016-04-23 17:29 . 2016-05-11 15:58 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2016-04-23 17:29 . 2016-05-11 15:58 11264 ----a-w- c:\windows\system32\msfeedssync.exe
2016-04-23 17:29 . 2016-05-11 15:58 12800 ----a-w- c:\windows\system32\mshta.exe
2016-04-23 17:29 . 2016-05-11 15:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2016-04-23 17:29 . 2016-05-11 15:58 228864 ----a-w- c:\windows\system32\ieui.dll
2016-04-23 17:03 . 2016-05-11 15:58 367616 ----a-w- c:\windows\SysWow64\html.iec
2016-04-23 17:00 . 2016-05-11 15:58 1831424 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-04-23 17:00 . 2016-05-11 15:58 1436160 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-04-23 17:00 . 2016-05-11 15:58 1089024 ----a-w- c:\windows\SysWow64\wininet.dll
2016-04-23 17:00 . 2016-05-11 15:58 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-04-23 16:59 . 2016-05-11 15:58 414208 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-04-23 16:59 . 2016-05-11 15:58 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2016-04-23 16:59 . 2016-05-11 15:58 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-04-21 13:05 . 2012-08-06 20:10 453288 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 211264 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-30 11:38 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2016-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 17:42]
.
2016-07-03 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-07 13:00]
.
2016-07-03 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-07 13:00]
.
2016-07-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041785693-1067887695-2243019297-1000Core.job
- c:\users\pinky\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-28 18:48]
.
2016-07-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041785693-1067887695-2243019297-1000UA.job
- c:\users\pinky\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-28 18:48]
.
2016-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17 23:37]
.
2016-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17 23:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-11-12 08:39 2472224 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-06-13 20:10 255296 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.34.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-05-13 16:15 920784 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
mSearch Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = hxxp://www.google.com
TCP: DhcpNameServer = 195.130.131.2 195.130.130.2
FF - ProfilePath - c:\users\pinky\AppData\Roaming\Mozilla\Firefox\Profiles\o9r1sqmn.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-ValhallaRoom_is1 - c:\programdata\Valhalla DSP
AddRemove-ValhallaUberMod_is1 - c:\programdata\Valhalla DSP
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-9.3]
"ImagePath"="\"c:\program files (x86)\PostgreSQL\9.3\bin\pg_ctl.exe\" runservice -N \"postgresql-9.3\" -D \"C:/Program Files (x86)/PostgreSQL/9.3/data\" -w"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\ACPI\PNP0F03\4&6730480&0\Device Parameters\Interrupt Management]
@DACL=(02 0000)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\ASGT.exe
c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
c:\program files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
.
**************************************************************************
.
Voltooingstijd: 2016-07-12 11:29:57 - machine werd herstart
ComboFix-quarantined-files.txt 2016-07-12 09:29
.
Pre-Run: 50.013.339.648 bytes beschikbaar
Post-Run: 50.907.090.944 bytes beschikbaar
.
- - End Of File - - 35D87E8BB427F65170A381468013EAA4 EF932EAA6EF4C94E66A7F6CEEC7EB422