ComboFix 15-04-28.01 - gebruiker 29-04-2015  15:18:29.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.1783.971 [GMT 2:00]
Gestart vanuit: c:\users\gebruiker\Downloads\ComboFix.exe
gebruikte Opdracht switches :: c:\users\gebruiker\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
	/wow section - STAGE 6A
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2015-03-28 to 2015-04-29  ))))))))))))))))))))))))))))))
.
.
2015-04-29 13:51 . 2015-04-29 13:51	--------	d-----w-	c:\users\marga\AppData\Local\temp
2015-04-29 13:51 . 2015-04-29 13:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-24 11:33 . 2015-04-24 11:33	--------	d-----w-	c:\users\gebruiker\AppData\Roaming\Windows Live Writer
2015-04-21 08:59 . 2015-04-21 08:59	--------	d-s---w-	c:\windows\system32\CompatTel
2015-04-21 08:59 . 2015-04-21 08:59	--------	d-----w-	c:\windows\system32\appraiser
2015-04-20 08:40 . 2015-03-23 03:25	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-04-20 08:39 . 2015-02-25 03:18	754688	----a-w-	c:\windows\system32\drivers\http.sys
2015-04-20 08:38 . 2015-03-04 04:55	367552	----a-w-	c:\windows\system32\clfs.sys
2015-04-20 08:38 . 2015-03-04 04:41	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-04-20 08:38 . 2015-03-04 04:10	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-04-20 07:52 . 2015-04-20 07:52	--------	d-----w-	c:\users\gebruiker\AppData\Local\ElevatedDiagnostics
2015-04-19 08:56 . 2015-04-19 08:56	--------	d--h--w-	c:\programdata\CanonIJQTB
2015-04-19 08:16 . 2015-04-19 06:54	24064	----a-w-	c:\windows\zoek-delete.exe
2015-04-19 08:16 . 2015-04-29 13:51	--------	d-----w-	c:\users\gebruiker\AppData\Local\Temp
2015-04-16 09:00 . 2015-04-16 09:01	--------	d-----w-	c:\program files\paint.net
2015-04-16 08:59 . 2015-04-16 09:11	--------	d-----w-	c:\users\gebruiker\AppData\Local\paint.net
2015-04-16 08:43 . 2015-04-16 08:43	--------	d-----w-	c:\windows\Migration
2015-04-16 08:01 . 2015-04-16 08:01	18178736	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-14 07:24 . 2015-04-14 11:23	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-04-13 11:55 . 2015-04-14 07:24	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-13 11:55 . 2015-04-14 07:23	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-13 11:55 . 2014-11-21 04:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-04-13 11:55 . 2015-04-13 11:56	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-13 11:55 . 2014-11-21 04:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-04-13 08:27 . 2015-04-13 08:28	--------	d--h--w-	c:\programdata\CanonIJScan
2015-04-13 08:27 . 2015-04-13 08:27	--------	d-----w-	c:\users\gebruiker\AppData\Roaming\Canon
2015-04-12 18:44 . 2014-05-01 14:04	337408	----a-w-	c:\windows\SysWow64\CNC_CCL.dll
2015-04-12 18:44 . 2008-08-25 16:02	15872	----a-w-	c:\windows\SysWow64\CNHMCA.dll
2015-04-12 18:43 . 2015-04-12 18:43	--------	d--h--w-	c:\programdata\CanonIJFAX
2015-04-12 18:42 . 2015-04-12 18:43	--------	d-----w-	c:\windows\system32\STRING
2015-04-12 18:42 . 2014-03-17 19:15	39424	----a-w-	c:\windows\system32\CNMN6UI.DLL
2015-04-12 18:42 . 2014-03-17 19:15	375296	----a-w-	c:\windows\system32\CNMN6PPM.DLL
2015-04-12 18:42 . 2014-03-17 19:15	380928	----a-w-	c:\windows\SysWow64\CNMNPPM.DLL
2015-04-12 18:42 . 2015-04-12 18:42	--------	d-----w-	c:\programdata\CanonIJWSpt
2015-04-12 18:40 . 2015-04-12 18:41	--------	d-----w-	c:\program files\Canon
2015-04-12 18:38 . 2015-04-12 18:38	--------	d--h--w-	c:\programdata\CanonBJ
2015-04-12 18:38 . 2014-04-23 03:00	30208	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNMPDCC.DLL
2015-04-12 18:38 . 2014-04-23 03:00	102912	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNMPPCC.DLL
2015-04-12 18:38 . 2014-04-23 03:00	406016	----a-w-	c:\windows\system32\CNMLMCC.DLL
2015-04-12 18:37 . 2014-04-28 03:00	303104	----a-w-	c:\windows\system32\CNCALCC.DLL
2015-04-12 18:22 . 2015-04-12 18:22	--------	d--h--w-	c:\programdata\CanonIJETV
2015-04-12 18:21 . 2015-04-12 19:14	--------	d-----w-	c:\program files (x86)\Canon
2015-04-09 19:01 . 2015-04-09 19:22	--------	d-----w-	c:\users\gebruiker\AppData\Roaming\Dropbox
2015-04-09 18:50 . 2015-04-09 18:50	--------	d-----w-	c:\users\gebruiker\AppData\Roaming\AVAST Software
2015-04-09 18:48 . 2015-04-09 18:47	88408	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-04-09 18:48 . 2015-04-09 18:47	65736	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-04-09 18:48 . 2015-04-09 18:47	442264	----a-w-	c:\windows\system32\drivers\aswSP.sys
2015-04-09 18:48 . 2015-04-09 18:47	271200	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-04-09 18:48 . 2015-04-09 18:47	136752	----a-w-	c:\windows\system32\drivers\aswStm.sys
2015-04-09 18:48 . 2015-04-09 18:47	29168	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-04-09 18:48 . 2015-04-09 18:47	93528	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-04-09 18:48 . 2015-04-09 18:47	1047320	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2015-04-09 18:48 . 2015-04-09 18:47	364472	----a-w-	c:\windows\system32\aswBoot.exe
2015-04-09 18:47 . 2015-04-09 18:47	43112	----a-w-	c:\windows\avastSS.scr
2015-04-09 18:45 . 2015-04-09 18:45	--------	d-----w-	c:\program files\AVAST Software
2015-04-09 18:44 . 2015-04-09 18:44	--------	d-----w-	c:\programdata\AVAST Software
2015-04-07 09:23 . 2015-04-07 09:23	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-04-07 09:23 . 2015-04-07 09:22	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-07 09:22 . 2015-04-07 09:22	--------	d-----w-	c:\programdata\Oracle
2015-04-05 18:33 . 2015-04-22 08:40	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2015-04-05 16:25 . 2015-04-05 16:25	--------	d-s---w-	c:\windows\SysWow64\GWX
2015-04-05 16:25 . 2015-04-05 16:26	--------	d-s---w-	c:\windows\system32\GWX
2015-04-04 15:31 . 2015-04-04 17:50	--------	d-----w-	C:\zoek_backup
2015-04-04 08:02 . 2015-04-04 08:02	--------	d-----w-	c:\program files\trend micro
2015-04-04 08:02 . 2015-04-04 08:03	--------	d-----w-	C:\rsit
2015-04-04 07:35 . 2015-04-04 07:35	--------	d-----w-	c:\program files\CCleaner
2015-04-03 14:21 . 2015-04-03 14:21	--------	d-----w-	c:\program files\Speccy
2015-04-01 01:05 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2015-04-01 01:05 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2015-03-31 20:48 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2015-03-31 20:48 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2015-03-31 20:46 . 2015-03-31 20:46	--------	d-----w-	c:\users\gebruiker\AppData\Roaming\TuneUp Software
2015-03-31 20:43 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2015-03-31 20:43 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2015-03-31 20:43 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2015-03-31 20:43 . 2014-07-09 02:03	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2015-03-31 20:43 . 2014-07-09 02:03	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2015-03-31 20:43 . 2014-07-09 01:31	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2015-03-31 20:43 . 2014-07-09 01:31	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
2015-03-31 20:43 . 2013-11-22 22:48	3928064	----a-w-	c:\windows\system32\d2d1.dll
2015-03-31 20:43 . 2013-11-26 08:16	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2015-03-31 19:45 . 2015-03-23 00:32	12002392	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{10549903-1350-4633-AAED-E76BB289392D}\mpengine.dll
2015-03-31 15:41 . 2015-03-31 15:41	--------	d-sh--w-	c:\users\gebruiker\AppData\Local\EmieUserList
2015-03-31 15:41 . 2015-03-31 15:41	--------	d-sh--w-	c:\users\gebruiker\AppData\Local\EmieSiteList
2015-03-31 15:41 . 2015-03-31 15:41	--------	d-sh--w-	c:\users\gebruiker\AppData\Local\EmieBrowserModeList
2015-03-31 10:03 . 2015-02-03 03:31	1424896	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-03-31 10:03 . 2015-02-03 03:12	1230848	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2015-03-31 10:03 . 2015-02-04 03:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-03-31 10:03 . 2015-02-04 02:54	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2015-03-31 08:57 . 2013-10-14 16:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2015-03-31 07:39 . 2015-03-31 07:39	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-31 05:16 . 2012-07-26 07:49	2560	----a-w-	c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
2015-03-31 02:32 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2015-03-31 02:32 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2015-03-31 02:32 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2015-03-31 02:32 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2015-03-31 02:32 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2015-03-31 02:32 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2015-03-31 02:32 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2015-03-31 01:54 . 2015-04-21 08:06	--------	d-----w-	c:\windows\system32\MRT
2015-03-31 01:10 . 2014-03-09 21:48	171160	----a-w-	c:\windows\system32\infocardapi.dll
2015-03-31 01:10 . 2014-03-09 21:47	99480	----a-w-	c:\windows\SysWow64\infocardapi.dll
2015-03-31 01:10 . 2014-03-09 21:48	1389208	----a-w-	c:\windows\system32\icardagt.exe
2015-03-31 01:10 . 2014-03-09 21:47	619672	----a-w-	c:\windows\SysWow64\icardagt.exe
2015-03-31 01:10 . 2014-06-30 22:24	8856	----a-w-	c:\windows\system32\icardres.dll
2015-03-31 01:10 . 2014-06-30 22:14	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2015-03-31 01:10 . 2014-06-06 06:16	35480	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2015-03-31 01:10 . 2014-06-06 06:12	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2015-03-30 22:28 . 2015-01-09 03:14	91136	----a-w-	c:\windows\system32\wdi.dll
2015-03-30 22:28 . 2015-01-09 03:14	950272	----a-w-	c:\windows\system32\perftrack.dll
2015-03-30 22:28 . 2015-01-09 03:14	29696	----a-w-	c:\windows\system32\powertracker.dll
2015-03-30 22:28 . 2015-01-09 02:48	76800	----a-w-	c:\windows\SysWow64\wdi.dll
2015-03-30 22:21 . 2014-12-11 17:47	52736	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-03-30 22:18 . 2014-06-03 10:02	1719296	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2015-03-30 22:18 . 2014-06-03 10:02	1354240	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-03-30 22:18 . 2014-06-03 10:02	1389568	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2015-03-30 22:18 . 2014-06-03 10:02	1380864	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2015-03-30 22:18 . 2014-06-03 09:29	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2015-03-30 22:18 . 2014-04-25 02:34	801280	----a-w-	c:\windows\system32\usp10.dll
2015-03-30 22:18 . 2014-04-25 02:06	626688	----a-w-	c:\windows\SysWow64\usp10.dll
2015-03-30 22:18 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2015-03-30 22:18 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2015-03-30 22:14 . 2014-12-19 03:06	210432	----a-w-	c:\windows\system32\profsvc.dll
2015-03-30 22:14 . 2014-06-18 22:23	73880	----a-w-	c:\windows\system32\mscories.dll
2015-03-30 22:14 . 2014-06-18 22:23	1943696	----a-w-	c:\windows\system32\dfshim.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-21 07:47 . 2011-09-02 14:14	128913832	----a-w-	c:\windows\system32\MRT.exe
2015-04-16 08:01 . 2012-07-09 21:09	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-16 08:01 . 2012-07-09 21:09	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-17 04:56 . 2015-04-20 08:40	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-03-11 15:04 . 2013-01-12 14:49	535576	----a-w-	c:\windows\system32\drivers\RapportKE64.sys
2015-02-24 02:17 . 2010-11-21 03:27	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-17 13:26 . 2015-02-17 13:26	1217184	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-02-04 10:23 . 2015-02-04 10:23	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13	869536	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-05-29 10:04 . 2014-05-29 10:03	27093992	----a-w-	c:\program files (x86)\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-03-07 335232]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-09 5512912]
"CanonQuickToolbox"="c:\program files (x86)\Canon\Quick Toolbox\cnqtbapp.exe" [2014-05-13 1854544]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2014-01-15 438888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cpuz138;cpuz138;c:\users\GEBRUI~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\GEBRUI~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RapportKE64;RapportKE64;c:\windows\system32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 RapportCerberus_80128;RapportCerberus_80128;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe;c:\windows\SYSNATIVE\lxdpcoms.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - RAPPORTIASO
*NewlyCreated* - WS2IFSL
*Deregistered* - RapportIaso
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-18 07:24	988488	----a-w-	c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2015-04-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-09 08:01]
.
2015-04-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-369559010-3167483839-1072793060-1000Core.job
- c:\users\marga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-15 17:58]
.
2015-04-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-369559010-3167483839-1072793060-1000UA.job
- c:\users\marga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-15 17:58]
.
2015-04-29 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-369559010-3167483839-1072793060-1007.job
- c:\users\gebruiker\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13 10:27]
.
2015-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-10 09:42]
.
2015-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-10 09:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-02-11 14:13	997536	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-02-11 14:13	997536	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-02-11 14:13	997536	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-04-02 18:38	184856	----a-w-	c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-09 18:47	722400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: SafeKey - file://c:\users\gebruiker\AppData\LocalLow\SafeKey\context.html?cmd=lastpass
IE: SafeKey Fill Forms - file://c:\users\gebruiker\AppData\LocalLow\SafeKey\context.html?cmd=fillforms
TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
FF - ProfilePath - c:\users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\4kstka23.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: network.proxy.ftp - 10.128.16.115
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 10.128.16.115
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 10.128.16.115
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 10.128.16.115
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2015-04-29  16:06:17
ComboFix-quarantined-files.txt  2015-04-29 14:06
ComboFix2.txt  2015-04-27 19:23
.
Pre-Run: 120.425.992.192 bytes beschikbaar
Post-Run: 120.102.313.984 bytes beschikbaar
.
- - End Of File - - EF1FDC229B8D2D1990CC308D9CF6250F