Ga naar inhoud

Windows (7) Security Center service niet in te schakelen

Monda

Door Monda
in Archief Windows 10

 Delen

Aanbevolen berichten

Monda Leerling

Monda

Geplaatst:
Geplaatst:

Goedemiddag!

 

Ik ben op dit forum terecht gekomen door zoeken naar vergelijkbare problemen. Ik hoop dat jullie mij kunnen helpen.

 

Ik kreeg een tijd terug de melding dat Security Center was uitgeschakeld. Deze weer inschakelen via services werkt niet. Ik krijg dan de melding:  Kan de Security Center service op lokale computer niet starten. Ik heb het gevoel dat mn pc niet veilig is. Wellicht wordt dit veroorzaakt door een virus?

 

Ik heb op dit forum een aantal dingen gevonden en uitgevoerd   

 

1. MAMB gedraaid

2. ComboFix gedraaid

3. HijackThis

 

Ik heb hier niet zo veel verstand van dus hoop dat jullie mij verder kunnen helpen. Hieronder post ik de logbestanden van ComboFix en HijackThis.

Alvast bedankt!

 

HijackThis:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:50:42, on 17-8-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\TimTa\Desktop\Scans\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ajaxshowtime.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\TimTa\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10999 bytes

 

 

 

ComboFix log:

 

ComboFix 15-08-17.01 - TimTa 17-08-2015  11:49:20.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3199.1809 [GMT 2:00]

AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2015-07-17 to 2015-08-17  )))))))))))))))))))))))))))))))
.
.
2015-08-17 10:01 . 2015-08-17 10:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-16 20:59 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F7F9965-77FD-497F-AB14-5823FE759B4F}\mpengine.dll
2015-08-15 18:24 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-14 20:08 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 20:08 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 19:29 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll
2015-08-14 19:28 . 2015-07-16 19:56 628736 ----a-w- c:\program files\Internet Explorer\jsprofilerui.dll
2015-08-14 19:22 . 2015-07-15 03:19 2004992 ----a-w- c:\windows\system32\msxml6.dll
2015-08-14 19:19 . 2015-07-10 17:51 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-08-14 15:55 . 2015-07-01 16:39 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CDF18536-87D2-43CC-A1FC-D21C64734B89}\gapaengine.dll
2015-08-09 09:09 . 2015-07-28 20:05 774656 ----a-w- c:\windows\system32\invagent.dll
2015-08-09 09:09 . 2015-07-28 20:05 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-08-09 09:09 . 2015-07-28 20:05 437760 ----a-w- c:\windows\system32\devinv.dll
2015-08-09 09:09 . 2015-07-28 20:05 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-08-09 09:09 . 2015-07-28 20:05 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-08-09 09:09 . 2015-07-28 19:55 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-08-09 09:09 . 2015-07-28 20:09 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-08-09 09:09 . 2015-07-28 20:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-08-01 20:19 . 2015-08-14 19:54 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2015-08-01 20:09 . 2014-11-10 14:17 1069584 ----a-w- c:\windows\system32\dbghelp.dll
2015-07-30 18:53 . 2015-07-30 18:53 -------- d-----w- c:\programdata\ATI
2015-07-30 18:53 . 2015-07-30 18:53 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2015-07-30 18:51 . 2015-07-30 18:51 -------- d-----w- c:\program files (x86)\AMD
2015-07-30 18:48 . 2015-07-30 18:48 -------- d-----w- c:\program files\Common Files\ATI Technologies
2015-07-30 18:47 . 2015-08-01 18:34 -------- d-----w- c:\program files\AMD
2015-07-30 14:25 . 2015-07-30 14:25 -------- d-----w- c:\users\TimTa\AppData\Local\Steam
2015-07-30 14:25 . 2015-07-30 14:25 -------- d-----w- c:\users\TimTa\AppData\Local\CEF
2015-07-29 13:09 . 2015-05-25 18:19 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-07-29 13:09 . 2015-05-25 18:18 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-07-29 13:09 . 2015-05-25 18:01 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-07-29 13:07 . 2015-06-03 20:16 193536 ----a-w- c:\windows\system32\aepic.dll
2015-07-29 13:04 . 2015-05-09 18:26 493504 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2015-07-29 10:18 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-07-29 10:18 . 2015-04-24 17:56 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-07-29 10:18 . 2015-07-04 18:07 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-29 10:18 . 2015-07-04 17:48 1414656 ----a-w- c:\windows\SysWow64\ole32.dll
2015-07-21 13:27 . 2015-07-21 13:27 2731744 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA7.1\VBEUI.DLL
2015-07-21 03:57 . 2015-07-21 03:57 4379280 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA7.1\VBE7.DLL
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-17 09:27 . 2014-01-30 16:27 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-14 19:39 . 2013-06-27 13:28 132483416 ----a-w- c:\windows\system32\MRT.exe
2015-08-11 18:41 . 2013-06-27 13:48 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-11 18:41 . 2013-06-27 13:48 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-16 02:12 . 2015-07-16 02:12 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-07-16 02:12 . 2015-07-16 02:12 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-07-16 02:12 . 2015-07-16 02:12 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-07-16 02:12 . 2015-07-16 02:12 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-07-16 02:11 . 2015-07-16 02:11 152056 ----a-w- c:\windows\system32\atiuxp64.dll
2015-07-16 02:11 . 2015-07-16 02:11 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-07-16 02:11 . 2015-07-16 02:11 120144 ----a-w- c:\windows\system32\atiu9p64.dll
2015-07-16 02:11 . 2015-07-16 02:11 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-07-16 02:11 . 2015-07-16 02:11 1445224 ----a-w- c:\windows\system32\aticfx64.dll
2015-07-16 02:11 . 2015-07-16 02:11 1193904 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-07-16 02:11 . 2015-07-16 02:11 11948704 ----a-w- c:\windows\system32\atidxx64.dll
2015-07-16 02:11 . 2015-07-16 02:11 10094152 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-07-16 02:11 . 2015-07-16 02:11 7929616 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-07-16 02:11 . 2015-07-16 02:11 7408936 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-07-16 02:11 . 2015-07-16 02:11 8893160 ----a-w- c:\windows\system32\atiumd6a.dll
2015-07-16 02:11 . 2015-07-16 02:11 8779872 ----a-w- c:\windows\system32\atiumd64.dll
2015-07-16 02:09 . 2015-07-16 02:09 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-07-16 02:06 . 2015-07-16 02:06 21622272 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-07-16 02:01 . 2015-07-16 02:01 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-07-16 02:01 . 2015-07-16 02:01 47785472 ----a-w- c:\windows\system32\amdocl64.dll
2015-07-16 02:00 . 2015-07-16 02:00 39714816 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-07-16 01:59 . 2015-07-16 01:59 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-07-16 01:59 . 2015-07-16 01:59 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-07-16 01:58 . 2015-07-16 01:58 27535872 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-07-16 01:57 . 2015-07-16 01:57 22318592 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-07-16 01:35 . 2015-07-16 01:35 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-07-16 01:35 . 2015-07-16 01:35 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-07-16 01:35 . 2015-07-16 01:35 6477312 ----a-w- c:\windows\system32\amdmantle64.dll
2015-07-16 01:30 . 2015-07-16 01:30 5068288 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-07-16 01:28 . 2015-07-16 01:28 30752256 ----a-w- c:\windows\system32\atio6axx.dll
2015-07-16 01:26 . 2015-07-16 01:26 93184 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-07-16 01:26 . 2015-07-16 01:26 86528 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-07-16 01:25 . 2015-07-16 01:25 50688 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-07-16 01:25 . 2015-07-16 01:25 39424 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-07-16 01:22 . 2015-07-16 01:22 25299968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-07-16 01:21 . 2015-07-16 01:21 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-07-16 01:21 . 2015-07-16 01:21 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-07-16 01:21 . 2015-07-16 01:21 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-07-16 01:21 . 2015-07-16 01:21 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-07-16 01:21 . 2015-07-16 01:21 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-07-16 01:21 . 2015-07-16 01:21 15716864 ----a-w- c:\windows\system32\aticaldd64.dll
2015-07-16 01:20 . 2015-07-16 01:20 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-07-16 01:17 . 2015-07-16 01:17 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-07-16 01:17 . 2015-07-16 01:17 160256 ----a-w- c:\windows\system32\atieah64.exe
2015-07-16 01:17 . 2015-07-16 01:17 204800 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2015-07-16 01:17 . 2015-07-16 01:17 143872 ----a-w- c:\windows\SysWow64\atieah32.exe
2015-07-16 01:17 . 2015-07-16 01:17 29696 ----a-w- c:\windows\system32\atimuixx.dll
2015-07-16 01:17 . 2015-07-16 01:17 189952 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
2015-07-16 01:17 . 2015-07-16 01:17 672768 ----a-w- c:\windows\system32\atieclxx.exe
2015-07-16 01:17 . 2015-07-16 01:17 246784 ----a-w- c:\windows\system32\atiesrxx.exe
2015-07-16 01:17 . 2015-07-16 01:17 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-07-16 01:14 . 2015-07-16 01:14 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-07-16 01:13 . 2015-07-16 01:13 1247744 ----a-w- c:\windows\system32\atiadlxx.dll
2015-07-16 01:13 . 2015-07-16 01:13 926720 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-07-16 01:13 . 2015-07-16 01:13 926720 ----a-w- c:\windows\SysWow64\atiadlxx.dll
2015-07-16 01:13 . 2015-07-16 01:13 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-07-16 01:13 . 2015-07-16 01:13 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-07-16 01:13 . 2015-07-16 01:13 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-07-16 01:13 . 2015-07-16 01:13 156672 ----a-w- c:\windows\system32\atig6txx.dll
2015-07-16 01:13 . 2015-07-16 01:13 141824 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-07-16 01:13 . 2015-07-16 01:13 665088 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-07-16 01:12 . 2015-07-16 01:12 865792 ----a-w- c:\windows\system32\coinst_15.20.dll
2015-07-16 01:12 . 2015-07-16 01:12 102912 ----a-w- c:\windows\system32\hsa-thunk64.dll
2015-07-16 01:12 . 2015-07-16 01:12 102400 ----a-w- c:\windows\SysWow64\hsa-thunk.dll
2015-07-15 17:54 . 2015-08-14 19:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-15 16:32 . 2015-06-18 07:23 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-07-01 16:39 . 2013-07-17 07:04 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-23 11:30 . 2013-06-27 09:23 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-18 06:41 . 2014-01-30 16:25 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2014-01-30 16:25 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-18 06:41 . 2014-01-30 16:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-16 14:31 . 2015-06-16 14:31 1691816 ----a-w- c:\windows\system32\FM20.DLL
2015-05-31 18:00 . 2015-06-18 07:44 126976 ----a-w- c:\windows\system32\ff_vfw.dll
2015-05-31 18:00 . 2015-06-18 07:44 112128 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-05-26 22:28 . 2015-05-26 22:28 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2015-05-26 22:28 . 2015-05-26 22:28 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2015-05-26 22:28 . 2015-05-26 22:28 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2015-05-26 22:28 . 2015-05-26 22:28 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 15:19 1729752 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 15:19 1729752 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 15:19 1729752 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\TimTa\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-08-05 2018360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-07-15 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187.sys [x]
S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Contents of the 'Scheduled Tasks' folder
.
2015-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-27 18:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 15:14 2334936 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 15:14 2334936 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 15:14 2334936 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-05-09 13672152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ajaxshowtime.com/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-790048904-797808528-2902581416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-790048904-797808528-2902581416-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-08-17  12:05:29
ComboFix-quarantined-files.txt  2015-08-17 10:05
.
Pre-Run: 841.773.817.856 bytes beschikbaar
Post-Run: 841.592.307.712 bytes beschikbaar
.
- - End Of File - - 4EDE314488E89B22D0DD5FBC62BED50C
A36C5E4F47E84449FF07ED3517B43A31

                 

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.