ComboFix 15-05-13.01 - jan 13-05-2015 20:04:24.1.2 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.31.1043.18.1977.183 [GMT 2:00]
Gestart vanuit: c:\users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NBJ8JOJE\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2015-04-13 to 2015-05-13 ))))))))))))))))))))))))))))))
.
.
2015-05-13 17:43 . 2015-05-13 17:43 -------- d-----w- c:\program files (x86)\Cisco
2015-05-13 17:43 . 2014-01-10 02:22 2978520 ----a-r- c:\windows\system32\drivers\rtwlanu.sys
2015-05-13 17:43 . 2012-02-14 17:37 594432 ----a-w- c:\windows\system32\Rtlihvs.dll
2015-05-13 17:42 . 2007-04-26 12:05 100000 ----a-w- c:\windows\SysWow64\EAPPkt9x.VXD
2015-05-13 17:42 . 2001-09-26 09:03 12981 ----a-w- c:\windows\SysWow64\REALPKT.VXD
2015-05-13 17:42 . 2009-03-31 12:31 380928 ----a-w- c:\windows\RtlUI2.exe
2015-05-13 17:42 . 2013-10-18 14:42 48856 ----a-w- c:\windows\runSW.exe
2015-05-13 17:42 . 2008-07-01 10:31 614400 ----a-w- c:\windows\SysWow64\Rtlihvs.dll
2015-05-13 17:42 . 2013-12-05 12:39 454360 ----a-w- c:\windows\SwUSB.exe
2015-05-13 17:42 . 2015-05-13 17:42 -------- d-----w- c:\program files (x86)\REALTEK
2015-05-13 17:42 . 2010-12-01 07:31 451072 ----a-w- c:\windows\SysWow64\ISSRemoveSP.exe
2015-05-11 18:49 . 2015-05-11 18:52 -------- d-----w- c:\windows\system32\catroot2
2015-05-11 17:08 . 2015-05-11 19:42 -------- d-----w- c:\users\jan\AppData\Roaming\uTorrent
2015-05-11 16:28 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3FBE7C2-F657-41DC-8F5A-88CF831BFAC6}\mpengine.dll
2015-05-10 09:48 . 2015-05-10 09:48 -------- d-----w- c:\users\jan\AppData\Roaming\Lavasoft
2015-05-10 09:48 . 2015-05-10 09:48 -------- d-----w- c:\users\jan\AppData\Roaming\OpenCandy
2015-05-10 09:48 . 2015-05-10 09:48 -------- d-----w- c:\program files (x86)\Magical Jelly Bean
2015-05-10 08:25 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-05-08 07:13 . 2015-05-13 18:12 -------- d-----w- c:\users\jan\AppData\Local\Temp
2015-05-08 07:13 . 2015-05-08 06:57 24064 ----a-w- c:\windows\zoek-delete.exe
2015-05-02 18:24 . 2015-05-02 18:24 70144 ----a-w- c:\windows\SysWow64\tasks.dll
2015-05-01 15:41 . 2015-05-01 15:41 -------- d-----w- c:\program files (x86)\AFC Secure Net
2015-05-01 08:48 . 2015-05-01 08:48 -------- d-----w- c:\users\lianne\AppData\Local\Google
2015-05-01 08:24 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-05-01 08:24 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-05-01 08:24 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-05-01 08:24 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-04-30 17:28 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-30 17:28 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
2015-04-30 17:28 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-04-30 17:28 . 2015-02-18 07:04 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-04-30 17:27 . 2015-03-04 04:41 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-04-30 17:27 . 2015-03-04 04:41 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-04-30 17:27 . 2015-03-04 04:10 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-04-30 17:27 . 2015-03-04 04:41 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-04-30 17:27 . 2015-03-04 04:41 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-04-30 17:27 . 2015-03-04 04:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-04-30 17:27 . 2015-03-04 04:10 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-04-30 14:11 . 2015-04-30 15:30 -------- d-----w- c:\users\jan\AppData\Roaming\Belastingdienst
2015-04-30 14:10 . 2015-04-30 14:10 -------- d-----w- c:\program files (x86)\Belastingdienst
2015-04-27 16:05 . 2015-04-27 16:05 -------- d-----w- c:\users\monique\AppData\Roaming\SumatraPDF
2015-04-27 16:03 . 2015-04-27 16:03 -------- d-----w- c:\users\monique\AppData\Local\Adobe
2015-04-22 19:07 . 2015-05-10 12:33 -------- d-----w- c:\users\jan\AppData\Local\Popcorn-Time
2015-04-22 19:06 . 2015-04-28 12:30 -------- d-----w- c:\users\jan\AppData\Local\Popcorn Time
2015-04-19 09:28 . 2013-07-12 20:57 539648 ----a-w- c:\windows\SysWow64\LblCtlsU.ocx
2015-04-19 09:28 . 2013-04-05 11:55 476160 ----a-w- c:\windows\SysWow64\TabStripCtlU.ocx
2015-04-19 09:28 . 2013-03-03 12:37 1061888 ----a-w- c:\windows\SysWow64\ExLvwU.ocx
2015-04-19 09:28 . 2013-09-01 10:59 1103872 ----a-w- c:\windows\SysWow64\CBLCtlsU.ocx
2015-04-19 09:28 . 2013-07-13 10:15 805376 ----a-w- c:\windows\SysWow64\EditCtlsU.ocx
2015-04-19 09:28 . 2013-03-28 21:13 645632 ----a-w- c:\windows\SysWow64\BtnCtlsU.ocx
2015-04-19 08:52 . 2015-04-19 08:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-04-19 08:50 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2015-04-19 08:49 . 1999-05-06 22:00 140288 ----a-w- c:\windows\SysWow64\comdlg32.OCX
2015-04-19 08:37 . 2015-04-19 08:37 -------- d-----w- c:\programdata\GlarySoft
2015-04-18 09:26 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 09:26 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2015-04-18 08:10 . 2015-04-18 08:10 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-17 15:45 . 2015-04-17 15:45 -------- d-----r- c:\users\jan\AppData\Roaming\Brother
2015-04-17 11:14 . 2015-04-17 11:14 -------- d-----w- c:\program files\VideoLAN
2015-04-17 11:11 . 2015-05-12 05:17 -------- d-----w- c:\users\jan\AppData\Roaming\GlarySoft
2015-04-17 11:11 . 2015-04-28 15:17 20160 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2015-04-17 11:11 . 2015-05-13 17:52 -------- d-----w- c:\program files (x86)\Glary Utilities 5
2015-04-17 10:03 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-17 10:03 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-17 10:03 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-18 09:35 . 2014-04-01 07:37 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-18 08:09 . 2015-04-03 17:13 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-15 15:29 . 2014-04-01 07:25 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 15:29 . 2014-04-01 07:25 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-26 09:33 . 2015-04-02 11:54 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BDDAE1B7-6EF9-4929-940D-2694FB1B8C1A}\gapaengine.dll
2015-03-26 09:33 . 2014-04-04 16:43 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-25 03:24 . 2015-04-11 09:13 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-11 09:13 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-11 09:13 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-11 09:13 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-11 09:13 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-11 09:13 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-11 09:13 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-11 09:13 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-11 09:13 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-11 09:13 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-11 09:13 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-11 09:13 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-11 09:13 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-11 09:13 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-11 09:13 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-11 09:13 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-08 08:18 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-08 08:18 769536 ----a-w- c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-08 08:18 419840 ----a-w- c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-08 08:18 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-08 08:18 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-08 08:18 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-23 03:24 . 2015-04-08 08:18 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-23 03:17 . 2015-04-08 08:18 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-03-17 04:56 . 2015-04-17 10:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-16 20:43 . 2015-03-16 20:43 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-03-16 20:43 . 2015-03-16 20:43 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-03-16 20:43 . 2015-03-16 20:43 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-03-16 20:43 . 2015-03-16 20:43 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-03-16 20:43 . 2015-03-16 20:43 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-03-16 20:43 . 2015-03-16 20:43 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-03-16 20:43 . 2015-03-16 20:43 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-03-16 20:43 . 2015-03-16 20:43 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-03-16 20:43 . 2015-03-16 20:43 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-03-16 20:43 . 2015-03-16 20:43 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-03-16 20:43 . 2015-03-16 20:43 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-03-16 20:43 . 2015-03-16 20:43 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-03-16 20:43 . 2015-03-16 20:43 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-03-16 20:43 . 2015-03-16 20:43 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-03-16 20:43 . 2015-03-16 20:43 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-03-16 20:43 . 2015-03-16 20:43 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-03-16 20:43 . 2015-03-16 20:43 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-03-16 20:43 . 2015-03-16 20:43 247808 ----a-w- c:\windows\system32\msls31.dll
2015-03-16 20:43 . 2015-03-16 20:43 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-03-16 20:43 . 2015-03-16 20:43 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-03-16 20:43 . 2015-03-16 20:43 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-03-16 20:43 . 2015-03-16 20:43 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-03-16 20:43 . 2015-03-16 20:43 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-03-16 20:43 . 2015-03-16 20:43 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-03-16 20:43 . 2015-03-16 20:43 81408 ----a-w- c:\windows\system32\icardie.dll
2015-03-16 20:43 . 2015-03-16 20:43 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-03-16 20:43 . 2015-03-16 20:43 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-03-16 20:43 . 2015-03-16 20:43 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-03-16 20:43 . 2015-03-16 20:43 243200 ----a-w- c:\windows\system32\webcheck.dll
2015-03-16 20:43 . 2015-03-16 20:43 235520 ----a-w- c:\windows\system32\url.dll
2015-03-16 20:43 . 2015-03-16 20:43 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-03-16 20:43 . 2015-03-16 20:43 143872 ----a-w- c:\windows\system32\wextract.exe
2015-03-16 20:43 . 2015-03-16 20:43 101376 ----a-w- c:\windows\system32\inseng.dll
2015-03-16 20:43 . 2015-03-16 20:43 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-03-16 20:43 . 2015-03-16 20:43 147968 ----a-w- c:\windows\system32\occache.dll
2015-03-16 20:43 . 2015-03-16 20:43 13824 ----a-w- c:\windows\system32\mshta.exe
2015-03-16 20:43 . 2015-03-16 20:43 774144 ----a-w- c:\windows\system32\jscript.dll
2015-03-16 20:43 . 2015-03-16 20:43 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-03-16 20:43 . 2015-03-16 20:43 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-03-16 20:39 . 2015-03-16 20:39 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-03-16 20:39 . 2015-03-16 20:39 859648 ----a-w- c:\windows\system32\tdh.dll
2015-03-16 20:39 . 2015-03-16 20:39 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-03-16 20:39 . 2015-03-16 20:39 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-03-16 20:37 . 2015-03-16 20:37 327168 ----a-w- c:\windows\system32\mswsock.dll
2015-03-16 20:37 . 2015-03-16 20:37 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2015-03-16 20:34 . 2015-03-16 20:34 9728 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 9728 ----a-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 5632 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 5632 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 5632 ----a-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 5632 ----a-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 4096 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 4096 ----a-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 3072 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 3072 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 3072 ----a-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 3072 ----a-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 2560 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 3584 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-03-16 20:34 . 2015-03-16 20:34 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-03-16 20:34 . 2015-03-16 20:34 3584 ----a-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 2560 ----a-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2015-03-16 20:34 . 2015-03-16 20:34 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2015-03-16 20:34 . 2015-03-16 20:34 10752 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 10752 ----a-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-16 20:34 . 2015-03-16 20:34 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-03-16 20:34 . 2015-03-16 20:34 363008 ----a-w- c:\windows\system32\dxgi.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2015-05-11 37152]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-04-23 8204056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RTLDHCPService;Realtek DHCP Service;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [x]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 RealtekWlanU;RealtekWlanU;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [x]
S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2015-05-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-01 15:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-01-06 418336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-01-06 387616]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-01-06 163360]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.nl/
uInternet Settings,ProxyServer = 127.0.0.1:8118
uInternet Settings,ProxyOverride =
TCP: DhcpNameServer = 212.54.40.25 212.54.44.54
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
.
.
.
Voltooingstijd: 2015-05-13 20:15:50
ComboFix-quarantined-files.txt 2015-05-13 18:15
.
Pre-Run: 41.052.381.184 bytes beschikbaar
Post-Run: 40.378.085.376 bytes beschikbaar
.
- - End Of File - - 56C53EA515FDDA33497E738B8F706623
A36C5E4F47E84449FF07ED3517B43A31