ComboFix 15-05-13.01 - Carl 14-05-2015 11:36:58.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.2013.1156 [GMT 2:00]
Started from: c:\users\Carl\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\test
.
.
(((((((((((((((((((( Files Created from 2015-04-14 to 2015-05-14 ))))))))))))))))))))))))))))))
.
.
2015-05-14 09:44 . 2015-05-14 09:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-13 09:54 . 2015-05-01 13:16 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:32 . 2015-05-13 08:17 24064 ----a-w- c:\windows\zoek-delete.exe
2015-05-13 08:32 . 2015-05-14 09:44 -------- d-----w- c:\users\Carl\AppData\Local\Temp
2015-05-13 08:25 . 2015-04-13 03:19 259072 ----a-w- c:\windows\system32\services.exe
2015-05-13 08:17 . 2015-05-13 08:33 -------- d-----w- C:\zoek_backup
2015-05-12 17:38 . 2015-05-12 17:38 -------- d-----w- C:\rsit
2015-05-09 15:34 . 2015-05-09 15:34 -------- d-----w- c:\users\Carl\AppData\Roaming\AVG2015
2015-05-09 15:33 . 2015-05-09 15:33 -------- d-----w- c:\users\Carl\AppData\Roaming\TuneUp Software
2015-05-09 15:32 . 2015-05-09 15:34 -------- d-----w- c:\programdata\AVG2015
2015-05-09 15:32 . 2015-05-09 15:32 -------- d-----w- C:\$AVG
2015-05-09 15:31 . 2015-05-09 15:31 -------- d-----w- c:\program files\AVG
2015-05-09 15:29 . 2015-05-14 08:10 -------- d-----w- c:\programdata\MFAData
2015-05-09 15:29 . 2015-05-09 17:00 -------- d-----w- c:\users\Carl\AppData\Local\Avg2015
2015-05-09 15:29 . 2015-05-09 15:29 -------- d--h--w- c:\programdata\Common Files
2015-05-09 15:29 . 2015-05-09 15:29 -------- d-----w- c:\users\Carl\AppData\Local\MFAData
2015-05-01 16:36 . 2015-05-01 16:36 -------- d-----w- c:\users\Carl\Tracing
2015-05-01 15:58 . 2015-05-01 15:58 -------- d-----w- c:\users\Carl\AppData\Local\Skype
2015-05-01 15:58 . 2015-05-07 09:57 -------- d-----w- c:\users\Carl\AppData\Roaming\Skype
2015-05-01 15:58 . 2015-05-01 15:58 -------- d-----r- c:\program files\Skype
2015-05-01 15:58 . 2015-05-01 15:58 -------- d-----w- c:\program files\Common Files\Skype
2015-05-01 15:58 . 2015-05-01 15:58 -------- d-----w- c:\programdata\Skype
2015-04-15 11:05 . 2015-04-15 11:05 206816 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2015-04-15 10:47 . 2015-03-10 03:08 1237504 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 10:47 . 2015-03-10 03:05 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-04-14 11:19 . 2015-04-14 11:19 16917184 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-10 09:14 . 2015-01-25 10:24 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-09 12:12 . 2015-04-09 12:12 226784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-04-07 10:45 . 2015-04-07 10:45 213984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2015-04-03 07:37 . 2015-04-03 07:37 110048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2015-03-20 10:18 . 2015-03-20 10:18 35808 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2015-03-11 10:13 . 2015-03-11 10:13 269792 ----a-w- c:\windows\system32\drivers\avglogx.sys
2015-03-11 10:13 . 2015-03-11 10:13 166880 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2015-03-11 10:13 . 2015-03-11 10:13 132576 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2015-03-11 10:08 . 2015-03-11 10:08 29664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2015-03-04 04:10 . 2015-05-13 08:25 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-13 08:25 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-13 08:25 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-03-02 09:14 . 2015-03-02 09:14 912928 ----a-w- c:\windows\system32\FTBSaver.scr
2015-02-20 04:13 . 2015-03-11 09:20 26624 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:13 . 2015-03-11 09:20 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:13 . 2015-03-11 09:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:13 . 2015-03-11 09:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 03:09 . 2015-03-11 09:20 299008 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Registry Startup Points )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VoipConnect"="c:\program files\VoipConnect.com\VoipConnect\voipconnect.exe" [2015-03-08 31445088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-12-12 5489944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2015-03-02 2477056]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-04-15 3745232]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer PowerSaver]
2009-04-17 22:17 434176 ----a-w- c:\program files\Acer\Acer PowerSaver\PowerSaverTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer SmartBoot]
2009-05-13 03:05 376832 ----a-w- c:\program files\Acer\Acer SmartBoot\ASLTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-12-19 16:50 1022152 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoLockProcess]
2009-02-17 21:31 446464 ----a-w- c:\program files\Acer\Empowering Technology\eLock\autolockprocess\AutoLockProcess.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
2009-11-17 23:18 261888 ----a-w- c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2014-12-12 17:21 5489944 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget\P0000000000000000]
2012-02-28 21:03 249440 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIJAE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2011-02-11 18:26 171032 ------w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-02-11 18:26 137752 ------w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-02-11 18:26 172568 ------w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2009-04-15 22:52 91432 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-11-17 12:46 8092192 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 03:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-12-11 02:30 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipConnect]
2015-03-08 19:03 31445088 ----a-w- c:\program files\VoipConnect.com\VoipConnect\voipconnect.exe
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2015-04-15 3438032]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-04-21 102912]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2015-03-11 166880]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2015-03-11 269792]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
S0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver;c:\windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-03-12 22560]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-04-09 226784]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-03-11 29664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2015-04-15 206816]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2015-04-07 213984]
S2 ASLSvc;Acer SmartBoot Service;c:\program files\Acer\Acer SmartBoot\ASLSvc.exe [2009-05-13 417792]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2015-04-15 311792]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-03-11 87072]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2009-02-18 24576]
S2 Greg_Service;GRegService;c:\program files\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-11-17 255744]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [2014-01-23 1335344]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [2014-01-23 856112]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-01-23 14:01]
.
2015-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-01-23 14:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.nl/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.54.44.54 212.54.40.25
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - (no file)
Toolbar-Locked - (no file)
HKCU-Run-*LABAL* - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*]
"3140710900063D11C8EF10054038389C"="C?\\Windows\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-05-14 11:46:49
ComboFix-quarantined-files.txt 2015-05-14 09:46
.
Pre-Run: 29.875.245.056 bytes free
Post-Run: 29.780.213.760 bytes free
.
- - End Of File - - D5D617CC92A8901F6473A2E82252A60F A36C5E4F47E84449FF07ED3517B43A31
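Added example (not ComboFix code and not part of the poster's log): a small parser for the two sections of a ComboFix log that carry most of the triage signal, "Files Created" and the "Run" keys under "Registry Startup Points". It reads the first column of a file line as the NTFS creation time and the second as the last-write time, which is how ComboFix lays those lines out, and applies two routine heuristics: files whose creation time is newer than their last-write time (a copy or drop produces that pattern, because the copy gets a fresh creation time but keeps the source's modification time) and files created inside c:\windows during the scan window. The SAMPLE_LOG below is a constructed subset of lines copied from the log above; the regexes, function names and dataclasses are this example's own.

```python
"""Parse ComboFix 'Files Created' and 'Run' entries and apply two triage
heuristics. Example code only; the regexes reflect the line layout seen in
the log above, not a ComboFix specification."""
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional, Tuple

# Constructed sample: a subset of lines copied from the log in this post.
SAMPLE_LOG = r"""
2015-05-14 09:44 . 2015-05-14 09:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-13 08:32 . 2015-05-13 08:17 24064 ----a-w- c:\windows\zoek-delete.exe
2015-05-13 08:25 . 2015-04-13 03:19 259072 ----a-w- c:\windows\system32\services.exe
2015-05-09 15:31 . 2015-05-09 15:31 -------- d-----w- c:\program files\AVG
2015-04-15 11:05 . 2015-04-15 11:05 206816 ----a-w- c:\windows\system32\drivers\avgldx86.sys

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VoipConnect"="c:\program files\VoipConnect.com\VoipConnect\voipconnect.exe" [2015-03-08 31445088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-04-15 3745232]
"""

# <created> . <last-write> <size or -------- for a directory> <attrs> <path>
FILE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>-{8}|\d+) (?P<attrs>[d-][-a-z]{7}) (?P<path>.+)$"
)
KEY_RE = re.compile(r"^\[(?P<key>HKEY_[^\]]+)\]$")
# "<value name>"="<image path>" [<file date> <file size>]
RUN_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)" \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$'
)


@dataclass
class FileEntry:
    created: datetime
    modified: datetime
    size: Optional[int]  # None for directories (ComboFix prints --------)
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.startswith("d")


@dataclass
class RunEntry:
    key: str        # registry key the value lives under
    name: str       # value name
    path: str       # image path
    file_date: str  # date ComboFix printed in brackets
    size: int


def parse_combofix(text: str) -> Tuple[List[FileEntry], List[RunEntry]]:
    """Walk the log line by line; Run values are attributed to the most
    recent [HKEY_...] header seen."""
    files: List[FileEntry] = []
    runs: List[RunEntry] = []
    current_key: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            files.append(FileEntry(
                created=datetime.strptime(m["created"], "%Y-%m-%d %H:%M"),
                modified=datetime.strptime(m["modified"], "%Y-%m-%d %H:%M"),
                size=None if m["size"].startswith("-") else int(m["size"]),
                attrs=m["attrs"],
                path=m["path"],
            ))
            continue
        m = KEY_RE.match(line)
        if m:
            current_key = m["key"]
            continue
        m = RUN_RE.match(line)
        if m and current_key:
            runs.append(RunEntry(current_key, m["name"], m["path"], m["date"], int(m["size"])))
    return files, runs


def created_after_modified(files: List[FileEntry]) -> List[str]:
    """Files whose creation time is newer than their last-write time: the
    signature of a file copied or dropped into place. Worth a hash check
    against a known-good copy even when the path is a trusted directory."""
    return [f.path for f in files if not f.is_dir and f.created > f.modified]


def system_files_in_window(files: List[FileEntry]) -> List[str]:
    """Non-directory entries created under c:\\windows during the scan window."""
    return [f.path for f in files if not f.is_dir and f.path.lower().startswith("c:\\windows\\")]


def run_entries_by_hive(runs: List[RunEntry]) -> Dict[str, List[str]]:
    """Group Run value names by hive so per-user (HKCU) autostarts, which any
    process running as the user can write, are visible at a glance."""
    by_hive: Dict[str, List[str]] = {}
    for r in runs:
        by_hive.setdefault(r.key.split("\\")[0], []).append(r.name)
    return by_hive


if __name__ == "__main__":
    files, runs = parse_combofix(SAMPLE_LOG)
    print("created after last-write:", created_after_modified(files))
    print("created under c:\\windows:", system_files_in_window(files))
    print("Run values by hive:", run_entries_by_hive(runs))
```

On the sample the creation-after-modification check picks out zoek-delete.exe and services.exe; both sit in c:\windows, so the second heuristic returns them too, plus the AVG driver. The heuristics produce a review list, not a verdict: the next step for each hit is a signature or hash comparison against a known-good copy, which a timestamp alone cannot replace.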