ComboFix 15-04-09.01 - Daan 11-04-2015 16:33:41.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.12285.9086 [GMT 2:00] Gestart vanuit: d:\gebruikers\Daan\Downloads\ComboFix.exe AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D} FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46} SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1426278950.bdinstall.bin c:\windows\SysWow64\X86 d:\gebruikers\Daan\b920b168b320db5a1efedad57a97bb3a.jpg I:\install.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2015-03-11 to 2015-04-11 )))))))))))))))))))))))))))))) . . 2015-04-11 14:40 . 2015-04-11 14:40 -------- d-----w- d:\gebruikers\Guest\AppData\Local\temp 2015-04-11 14:40 . 2015-04-11 14:40 -------- d-----w- d:\gebruikers\Annabel\AppData\Local\temp 2015-04-04 20:44 . 2015-04-04 20:44 -------- d-s---w- c:\windows\system32\GWX 2015-04-04 20:44 . 2015-04-04 20:44 -------- d-s---w- c:\windows\SysWow64\GWX 2015-04-04 14:18 . 2015-04-04 14:18 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2015-04-04 13:35 . 2015-04-06 10:41 -------- d-----w- c:\program files (x86)\ZHPDiag 2015-04-04 13:35 . 2015-04-04 14:46 -------- d-----w- d:\gebruikers\Daan\AppData\Roaming\ZHP 2015-04-03 20:02 . 2015-04-03 20:02 -------- d-----w- c:\programdata\Synology 2015-04-03 19:58 . 2015-04-03 19:36 24064 ----a-w- c:\windows\zoek-delete.exe 2015-04-02 19:05 . 2015-04-02 19:31 -------- d-----w- C:\zoek_backup 2015-04-02 17:17 . 2015-04-02 19:40 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2015-03-31 19:15 . 2015-03-31 19:15 -------- d-----w- C:\rsit 2015-03-31 19:15 . 2015-03-31 19:15 -------- d-----w- c:\program files\trend micro 2015-03-24 18:31 . 2015-03-11 04:06 677888 ----a-w- c:\windows\system32\generaltel.dll 2015-03-24 18:31 . 2015-03-11 04:06 760832 ----a-w- c:\windows\system32\invagent.dll 2015-03-24 18:31 . 2015-03-11 04:06 414720 ----a-w- c:\windows\system32\devinv.dll 2015-03-24 18:31 . 2015-03-11 04:06 943616 ----a-w- c:\windows\system32\appraiser.dll 2015-03-24 18:31 . 2015-03-11 04:05 30720 ----a-w- c:\windows\system32\acmigration.dll 2015-03-24 18:31 . 2015-03-11 04:05 227328 ----a-w- c:\windows\system32\aepdu.dll 2015-03-24 18:31 . 2015-03-11 04:05 192000 ----a-w- c:\windows\system32\aepic.dll 2015-03-24 18:31 . 2015-03-11 04:02 1107456 ----a-w- c:\windows\system32\aeinv.dll 2015-03-19 23:39 . 2015-03-19 23:39 -------- d-----w- c:\windows\Simple Port Tester 2015-03-19 23:39 . 2015-03-19 23:39 -------- d-----w- c:\program files (x86)\Simple Port Tester 2015-03-19 22:45 . 2015-03-19 22:45 -------- d-----w- d:\gebruikers\Daan\AppData\Local\TeamViewer 2015-03-15 07:00 . 2015-03-15 07:00 -------- d-----w- d:\gebruikers\Daan\Tracing 2015-03-13 20:41 . 2015-03-13 20:41 262544 ----a-w- c:\windows\system32\drivers\avchv.sys 2015-03-13 20:41 . 2015-03-13 20:41 677104 ----a-w- c:\windows\system32\drivers\avckf.sys 2015-03-13 20:38 . 2015-03-13 20:41 82824 ----a-w- c:\windows\system32\drivers\bdsandbox.sys 2015-03-13 20:38 . 2013-11-13 14:41 93600 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys 2015-03-13 20:38 . 2012-04-17 13:34 76944 ----a-w- c:\windows\system32\drivers\bdvedisk.sys 2015-03-13 20:38 . 2015-03-13 20:41 1306464 ----a-w- c:\windows\system32\drivers\avc3.sys 2015-03-13 20:37 . 2015-03-13 20:43 -------- d-----w- d:\gebruikers\Daan\AppData\Roaming\Bitdefender 2015-03-13 20:37 . 2013-08-13 12:38 3271472 ---ha-w- C:\bdr-bz01 2015-03-13 20:35 . 2015-03-17 12:07 160544 ----a-w- c:\windows\system32\drivers\gzflt.sys 2015-03-13 20:35 . 2015-03-13 20:38 -------- d-----w- c:\programdata\Bitdefender 2015-03-13 20:35 . 2014-10-15 15:14 452040 ----a-w- c:\windows\system32\drivers\trufos.sys 2015-03-13 08:23 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F5CE2093-6EE1-41A3-AE88-FBF0492C014C}\mpengine.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-03-13 20:41 . 2014-09-22 21:10 33360 ----a-w- c:\windows\system32\bdsandboxuh.dll 2015-03-13 20:41 . 2014-09-22 21:20 74000 ----a-w- c:\windows\system32\bdsandboxuiskin32.dll 2015-03-13 20:41 . 2014-09-22 21:10 84848 ----a-w- c:\windows\system32\bdsandboxuiskin.dll 2015-03-11 22:34 . 2011-07-30 10:57 122905848 ----a-w- c:\windows\system32\MRT.exe 2015-03-06 05:56 . 2015-03-11 08:32 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-03-06 05:56 . 2015-03-11 08:32 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2015-03-06 05:42 . 2015-03-11 08:32 210944 ----a-w- c:\windows\system32\wdigest.dll 2015-03-06 05:42 . 2015-03-11 08:32 86528 ----a-w- c:\windows\system32\TSpkg.dll 2015-03-06 05:42 . 2015-03-11 08:32 29184 ----a-w- c:\windows\system32\sspisrv.dll 2015-03-06 05:42 . 2015-03-11 08:32 136192 ----a-w- c:\windows\system32\sspicli.dll 2015-03-06 05:42 . 2015-03-11 08:32 341504 ----a-w- c:\windows\system32\schannel.dll 2015-03-06 05:42 . 2015-03-11 08:32 28160 ----a-w- c:\windows\system32\secur32.dll 2015-03-06 05:42 . 2015-03-11 08:32 314880 ----a-w- c:\windows\system32\msv1_0.dll 2015-03-06 05:42 . 2015-03-11 08:32 309760 ----a-w- c:\windows\system32\ncrypt.dll 2015-03-06 05:42 . 2015-03-11 08:32 728064 ----a-w- c:\windows\system32\kerberos.dll 2015-03-06 05:42 . 2015-03-11 08:32 1461760 ----a-w- c:\windows\system32\lsasrv.dll 2015-03-06 05:42 . 2015-03-11 08:32 22016 ----a-w- c:\windows\system32\credssp.dll 2015-03-06 05:41 . 2015-03-11 08:32 31232 ----a-w- c:\windows\system32\lsass.exe 2015-03-06 05:41 . 2015-03-11 08:32 64000 ----a-w- c:\windows\system32\auditpol.exe 2015-03-06 05:39 . 2015-03-11 08:32 60416 ----a-w- c:\windows\system32\msobjs.dll 2015-03-06 05:38 . 2015-03-11 08:32 146432 ----a-w- c:\windows\system32\msaudite.dll 2015-03-06 05:36 . 2015-03-11 08:32 686080 ----a-w- c:\windows\system32\adtschema.dll 2015-03-06 05:10 . 2015-03-11 08:32 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2015-03-06 05:10 . 2015-03-11 08:32 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2015-03-06 05:10 . 2015-03-11 08:32 248832 ----a-w- c:\windows\SysWow64\schannel.dll 2015-03-06 05:10 . 2015-03-11 08:32 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2015-03-06 05:10 . 2015-03-11 08:32 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2015-03-06 05:10 . 2015-03-11 08:32 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll 2015-03-06 05:10 . 2015-03-11 08:32 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2015-03-06 05:10 . 2015-03-11 08:32 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2015-03-06 05:09 . 2015-03-11 08:32 50176 ----a-w- c:\windows\SysWow64\auditpol.exe 2015-03-06 05:09 . 2015-03-11 08:32 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2015-03-06 05:07 . 2015-03-11 08:32 60416 ----a-w- c:\windows\SysWow64\msobjs.dll 2015-03-06 05:07 . 2015-03-11 08:32 146432 ----a-w- c:\windows\SysWow64\msaudite.dll 2015-03-06 05:06 . 2015-03-11 08:32 686080 ----a-w- c:\windows\SysWow64\adtschema.dll 2015-02-26 03:25 . 2015-03-11 08:32 3204096 ----a-w- c:\windows\system32\win32k.sys 2015-02-24 03:15 . 2015-03-11 08:32 389800 ----a-w- c:\windows\system32\iedkcs32.dll 2015-02-24 02:17 . 2011-07-30 09:43 295552 ------w- c:\windows\system32\MpSigStub.exe 2015-02-21 01:16 . 2015-03-11 08:32 25021440 ----a-w- c:\windows\system32\mshtml.dll 2015-02-20 23:58 . 2015-03-11 08:32 92160 ----a-w- c:\windows\system32\mshtmled.dll 2015-02-20 04:41 . 2015-03-11 08:33 41984 ----a-w- c:\windows\system32\lpk.dll 2015-02-20 04:40 . 2015-03-11 08:33 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-02-20 04:40 . 2015-03-11 08:33 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-02-20 04:40 . 2015-03-11 08:33 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-02-20 04:13 . 2015-03-11 08:33 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-02-20 04:13 . 2015-03-11 08:33 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-02-20 04:13 . 2015-03-11 08:33 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-02-20 04:12 . 2015-03-11 08:33 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-02-20 03:29 . 2015-03-11 08:33 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-02-20 03:09 . 2015-03-11 08:33 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-02-20 03:06 . 2015-03-11 08:32 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2015-02-20 03:05 . 2015-03-11 08:32 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2015-02-20 02:50 . 2015-03-11 08:32 66560 ----a-w- c:\windows\system32\iesetup.dll 2015-02-20 02:49 . 2015-03-11 08:32 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2015-02-20 02:49 . 2015-03-11 08:32 584192 ----a-w- c:\windows\system32\vbscript.dll 2015-02-20 02:48 . 2015-03-11 08:32 2886144 ----a-w- c:\windows\system32\iertutil.dll 2015-02-20 02:47 . 2015-03-11 08:32 88064 ----a-w- c:\windows\system32\MshtmlDac.dll 2015-02-20 02:41 . 2015-03-11 08:32 54784 ----a-w- c:\windows\system32\jsproxy.dll 2015-02-20 02:40 . 2015-03-11 08:32 34304 ----a-w- c:\windows\system32\iernonce.dll 2015-02-20 02:36 . 2015-03-11 08:32 633856 ----a-w- c:\windows\system32\ieui.dll 2015-02-20 02:35 . 2015-03-11 08:32 144384 ----a-w- c:\windows\system32\ieUnatt.exe 2015-02-20 02:35 . 2015-03-11 08:32 114688 ----a-w- c:\windows\system32\ieetwcollector.exe 2015-02-20 02:34 . 2015-03-11 08:32 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2015-02-20 02:32 . 2015-03-11 08:32 6035456 ----a-w- c:\windows\system32\jscript9.dll 2015-02-20 02:26 . 2015-03-11 08:32 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2015-02-20 02:22 . 2015-03-11 08:32 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2015-02-20 02:22 . 2015-03-11 08:32 490496 ----a-w- c:\windows\system32\dxtmsft.dll 2015-02-20 02:13 . 2015-03-11 08:32 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2015-02-20 02:09 . 2015-03-11 08:32 503296 ----a-w- c:\windows\SysWow64\vbscript.dll 2015-02-20 02:08 . 2015-03-11 08:32 62464 ----a-w- c:\windows\SysWow64\iesetup.dll 2015-02-20 02:08 . 2015-03-11 08:32 199680 ----a-w- c:\windows\system32\msrating.dll 2015-02-20 02:08 . 2015-03-11 08:32 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2015-02-20 02:06 . 2015-03-11 08:32 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2015-02-20 02:05 . 2015-03-11 08:32 316928 ----a-w- c:\windows\system32\dxtrans.dll 2015-02-20 01:56 . 2015-03-11 08:32 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2015-02-20 01:56 . 2015-03-11 08:32 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2015-02-20 01:49 . 2015-03-11 08:32 718848 ----a-w- c:\windows\system32\ie4uinit.exe 2015-02-20 01:49 . 2015-03-11 08:32 801280 ----a-w- c:\windows\system32\msfeeds.dll 2015-02-20 01:47 . 2015-03-11 08:32 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2015-02-20 01:46 . 2015-03-11 08:32 2125824 ----a-w- c:\windows\system32\inetcpl.cpl 2015-02-20 01:43 . 2015-03-11 08:32 14398976 ----a-w- c:\windows\system32\ieframe.dll 2015-02-20 01:41 . 2015-03-11 08:32 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2015-02-20 01:30 . 2015-03-11 08:32 4300288 ----a-w- c:\windows\SysWow64\jscript9.dll 2015-02-20 01:28 . 2015-03-11 08:32 2358784 ----a-w- c:\windows\system32\wininet.dll 2015-02-20 01:24 . 2015-03-11 08:32 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2015-02-20 01:23 . 2015-03-11 08:32 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2015-02-20 01:16 . 2015-03-11 08:32 1548288 ----a-w- c:\windows\system32\urlmon.dll 2015-02-20 01:03 . 2015-03-11 08:32 800768 ----a-w- c:\windows\system32\ieapfltr.dll 2015-02-20 01:01 . 2015-03-11 08:32 1888256 ----a-w- c:\windows\SysWow64\wininet.dll 2015-02-13 05:22 . 2015-03-11 08:32 14177280 ----a-w- c:\windows\system32\shell32.dll 2015-02-06 15:45 . 2012-04-03 18:33 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-02-06 15:45 . 2011-07-30 09:59 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-02-04 03:16 . 2015-03-11 08:32 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2015-02-04 02:54 . 2015-03-11 08:32 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2015-02-03 03:34 . 2015-03-11 08:32 693176 ----a-w- c:\windows\system32\winload.efi 2015-02-03 03:34 . 2015-03-11 08:32 5554104 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-02-03 03:34 . 2015-03-11 08:32 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys 2015-02-03 03:33 . 2015-03-11 08:32 616360 ----a-w- c:\windows\system32\winresume.efi 2015-02-03 03:31 . 2015-03-11 08:32 14632960 ----a-w- c:\windows\system32\wmp.dll 2015-02-03 03:31 . 2015-03-11 08:32 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2012-10-01 19:33 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2012-10-01 19:33 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2012-10-01 19:33 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816] "GoogleChromeAutoLaunch_35765335B3B5C680009F09F21956C5FA"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-03-30 809288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-13 60712] "AirPort Base Station Agent"="c:\program files (x86)\AirPort\APAgent.exe" [2009-11-11 771360] "ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-05-23 371896] "BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "Agile1pAgent"="c:\program files (x86)\1Password 4\Agile1pAgent.exe" [2015-04-02 3803408] "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2014-09-12 3499920] . d:\gebruikers\Daan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-4-2 43382072] MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2015-1-12 576000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 PostgreSQL_For_OpenERP;PostgreSQL_For_OpenERP - PostgreSQL Server 9.2;C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/bin/pg_ctl.exe runservice -N PostgreSQL_For_OpenERP -D C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/data -w;C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/bin/pg_ctl.exe runservice -N PostgreSQL_For_OpenERP -D C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/data -w [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x] R3 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [x] R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x] R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x] R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x] R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x] R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MailbirdUpdater.exe;Mailbird Updater;c:\program files (x86)\Mailbird\MailbirdUpdater.exe;c:\program files (x86)\Mailbird\MailbirdUpdater.exe [x] R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;tsusbhub [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x] R4 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x] R4 SQLAgent$MAMUT;SQL Server Agent (MAMUT);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [x] S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x] S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x] S0 MDFSYSNT;MacDrive file system driver; [x] S0 MDPMGRNT;MacDrive Partition Driver;c:\windows\system32\DRIVERS\MDPMGRNT.SYS;c:\windows\SYSNATIVE\DRIVERS\MDPMGRNT.SYS [x] S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x] S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x] S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x] S1 CBDisk;CBDisk;c:\windows\system32\drivers\CBDisk.sys;c:\windows\SYSNATIVE\drivers\CBDisk.sys [x] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x] S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 chromoting;Chrome Remote Desktop Service;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [x] S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x] S2 M4LIC;Mediafour M4LIC service;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE [x] S2 MacDrive8Service;MacDrive 8 service;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe;c:\program files\Mediafour\MacDrive 8\MacDrive8Service.exe [x] S2 MamutSyncService;Mamut Synchronization Service;c:\program files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe;c:\program files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe [x] S2 MSSQL$MAMUT;SQL Server (MAMUT);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [x] S2 MSSQL$PAPEXPRESS;SQL Server (PAPEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [x] S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x] S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-04-04 18:12 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2015-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:45] . 2015-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 17:53] . 2015-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 17:53] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2012-10-01 19:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2012-10-01 19:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2012-10-01 19:47 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- d:\gebruikers\Daan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1] @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}" [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}] 2014-07-04 16:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2] @="{342DAA0B-D796-460D-8566-901E08A1CCAD}" [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}] 2014-07-04 16:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3] @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}] 2014-07-04 16:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4] @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}" [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}] 2014-07-04 16:58 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MacDrive 8 application"="c:\program files\Mediafour\MacDrive 8\MacDrive.exe" [2010-02-04 345688] "Getting started with MacDrive 8"="c:\program files\Mediafour\MacDrive 8\MDGetStarted.exe" [2009-03-31 151040] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768] "Bdagent"="c:\program files\Bitdefender\Bitdefender 2015\bdagent.exe" [2015-03-17 1691112] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105 IE: {{35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - {67C241CC-D372-4BC0-BA82-12652D200F0C} - c:\progra~2\1PASSW~1\x86\AGILE1~1.DLL TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL . . ------- Bestandsassociaties ------- . inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1 txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1 . - - - - ORPHANS VERWIJDERD - - - - . URLSearchHooks-{66bd2442-241b-44cd-8c7a-b51037053cdb} - (no file) Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run- - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start WebBrowser-{66BD2442-241B-44CD-8C7A-B51037053CDB} - (no file) ShellIconOverlayIdentifiers-MacDrive volume icons - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PostgreSQL_For_OpenERP] "ImagePath"="C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/bin/pg_ctl.exe runservice -N \"PostgreSQL_For_OpenERP\" -D \"C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/data\" -w" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL] "ImagePath"="\"c:\mysql\bin\mysqld\" --defaults-file=\"c:\mysql\my.ini\" MySQL" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PostgreSQL_For_OpenERP] "ImagePath"="C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/bin/pg_ctl.exe runservice -N \"PostgreSQL_For_OpenERP\" -D \"C:/Program Files (x86)/OpenERP 7.0-20130131-000102/PostgreSQL/data\" -w" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*] "Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d, bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\ "Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d, bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\ "Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d, bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\ "Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d, bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\BDSandBox\Daan\machine\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="!shallow!" . [HKEY_LOCAL_MACHINE\SYSTEM\BDSandBox\Daan\machine\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="!shallow!" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2015-04-11 16:43:32 ComboFix-quarantined-files.txt 2015-04-11 14:43 . Pre-Run: 39.506.231.296 bytes beschikbaar Post-Run: 39.179.358.208 bytes beschikbaar . - - End Of File - - FE05E1353AEC30A9B655F5E4E19AEDF7 FF1761EF7140665743A6D636F95DFD81