ComboFix 15-06-18.01 - Pol 21/06/2015 17:44:05.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.1976.846 [GMT 2:00]
Gestart vanuit: c:\users\Pol\Desktop\ComboFix.exe
AV: Norton 360 Premier Edition *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Norton 360 Premier Edition *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Norton 360 Premier Edition *Disabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\BF31EC6D50.sys
c:\windows\IsUn0413.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2015-05-21 to 2015-06-21 ))))))))))))))))))))))))))))))
.
.
2015-06-21 16:23 . 2015-06-21 16:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-20 08:01 . 2015-06-20 08:01 -------- dc----w- C:\OneDriveTemp
2015-06-19 11:34 . 2015-06-19 11:34 -------- d-----w- c:\programdata\ioloGovernor
2015-06-19 11:28 . 2015-06-19 08:56 24064 ----a-w- c:\windows\zoek-delete.exe
2015-06-19 11:28 . 2015-06-21 18:20 -------- dc----w- c:\users\Pol\AppData\Local\Temp
2015-06-19 11:21 . 2015-06-19 20:02 -------- d-----w- c:\users\Pol\AppData\Roaming\iolo
2015-06-19 10:42 . 2015-06-19 10:42 -------- dc----w- C:\zoek_backup
2015-06-18 13:50 . 2015-06-18 13:50 -------- d-----w- c:\users\Pol\AppData\Local\Dropbox
2015-06-18 13:50 . 2015-06-18 13:50 -------- d-----w- c:\programdata\Dropbox
2015-06-12 13:43 . 2015-06-12 14:15 -------- dc----w- C:\Mijn website DF test
2015-06-11 14:58 . 2012-10-17 02:04 580712 ------w- c:\windows\system32\HPDiscoPMa011.dll
2015-06-10 22:42 . 2015-06-10 22:42 -------- d-----w- c:\program files\Common Files\AV
2015-06-10 07:52 . 2015-05-25 17:00 2384384 ----a-w- c:\windows\system32\win32k.sys
2015-06-06 08:09 . 2015-06-06 08:09 -------- d-----w- c:\users\Pol\AppData\Local\GWX
2015-06-05 12:12 . 2015-05-22 18:03 571392 ----a-w- c:\windows\system32\generaltel.dll
2015-06-05 12:12 . 2015-05-22 18:02 621568 ----a-w- c:\windows\system32\invagent.dll
2015-06-05 12:12 . 2015-05-22 18:02 879104 ----a-w- c:\windows\system32\appraiser.dll
2015-06-05 12:12 . 2015-05-22 17:58 901120 ----a-w- c:\windows\system32\aeinv.dll
2015-06-05 12:12 . 2015-05-21 13:20 163840 ----a-w- c:\windows\system32\aepic.dll
2015-06-05 12:12 . 2015-05-22 18:02 333824 ----a-w- c:\windows\system32\devinv.dll
2015-06-05 12:12 . 2015-05-22 18:02 37888 ----a-w- c:\windows\system32\acmigration.dll
2015-06-05 12:12 . 2015-05-22 18:02 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-05-28 13:16 . 2015-05-28 13:16 68280 ----a-w- c:\windows\system32\drivers\RapportHades.sys
2015-05-28 13:16 . 2015-05-28 13:16 218008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-15 10:25 . 2013-04-21 08:45 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-06-15 10:25 . 2011-05-23 09:33 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-05-07 10:49 . 2015-05-07 10:49 23776 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-05-06 07:34 . 2015-05-06 07:34 74703 ----a-w- c:\windows\system32\mfc45.dat
2015-05-01 13:16 . 2015-05-13 21:31 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 20:39 . 2015-04-29 20:39 558448 ----a-w- c:\windows\system32\shareLite3.dll
2015-04-20 02:56 . 2015-05-15 07:43 909312 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-15 07:43 1250816 ----a-w- c:\windows\system32\DWrite.dll
2015-04-18 02:56 . 2015-05-13 07:55 342016 ----a-w- c:\windows\system32\certcli.dll
2015-04-13 03:19 . 2015-05-13 07:55 259072 ----a-w- c:\windows\system32\services.exe
2015-04-08 03:14 . 2015-05-13 07:55 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:14 . 2015-05-13 07:55 22528 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
2015-04-08 03:14 . 2015-05-13 07:55 19968 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-01 17:47 . 2015-04-28 15:14 99208 ----a-w- c:\windows\system32\pdfcmon.dll
2015-04-01 11:42 . 2015-04-01 11:42 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A4D9557-C2E5-4058-8972-C8BA0317170F}\offreg.dll
2015-03-25 03:00 . 2015-04-15 07:59 92672 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:00 . 2015-04-15 07:59 566784 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:00 . 2015-04-15 07:59 35328 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:00 . 2015-04-15 07:59 3088384 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:00 . 2015-04-15 07:59 29696 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:00 . 2015-04-15 07:59 2020864 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:00 . 2015-04-15 07:59 173056 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 07:59 50176 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:00 . 2015-04-15 07:59 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:00 . 2015-04-15 07:59 33792 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:00 . 2015-04-15 07:59 131584 ----a-w- c:\windows\system32\wuauclt.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-05-22 09:03 1605832 ----a-w- c:\users\Pol\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-05-22 09:03 1605832 ----a-w- c:\users\Pol\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-05-22 09:03 1605832 ----a-w- c:\users\Pol\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-10 20:34 151576 ----a-w- c:\users\Pol\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-10 20:34 151576 ----a-w- c:\users\Pol\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-06-10 20:34 151576 ----a-w- c:\users\Pol\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Google+ Auto Backup"="c:\users\Pol\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" [2015-02-13 3754312]
"OneDrive"="c:\users\Pol\AppData\Local\Microsoft\OneDrive\OneDrive.exe" [2015-05-22 382664]
"GoogleChromeAutoLaunch_579742569BC839997C43F7836E24B15F"="c:\program files\Google\Chrome\Application\chrome.exe" [2015-06-05 813896]
"Sync2"="c:\program files\4Team Corporation\Sync2\Sync2.exe" [2015-04-29 7711592]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 1837672]
"MusicManager"="c:\users\Pol\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2015-05-29 7646208]
"Dropbox Update"="c:\users\Pol\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-18 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-12 166936]
"IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2012-10-15 1085528]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43871584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\g:\0autocheck autochk *\0autocheck smrgdf c:\users\Pol\AppData\Roaming\iolo\
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders credssp.dll, schannel.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]
2010-08-12 06:21 2060288 ----a-w- c:\program files\Belgium Identity Card\beid35gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisorDock]
2010-02-10 02:01 1515576 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2010-01-22 18:08 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
2013-05-23 11:53 455608 ----a-w- c:\program files\MyTomTom 3\MyTomTomSA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2013-10-02 19:28 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
2011-09-14 13:48 230696 ----a-w- c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-12-11 09:20 30877280 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2013-07-05 07:14 4640768 ----a-w- c:\users\Pol\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-06-04 00:17 1791272 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2011-11-12 09:42 495708 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AdminService10.2B;AdminService for OpenEdge 10.2B;c:\program files\OpenEdge\bin\AdmSrvc.exe [2009-12-14 28672]
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2014-05-14 54144]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-06-16 89856]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-05-23 102912]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 184192]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-14 1343400]
R4 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2011-11-12 81920]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-09-14 83240]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-10-12 75048]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-10-12 292136]
R4 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-01-28 265272]
R4 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R4 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R4 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
S0 RapportHades;RapportHades;c:\windows\System32\Drivers\RapportHades.sys [2015-05-28 68280]
S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2015-05-28 218008]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1507000.00B\SYMDS.SYS [2014-07-23 367704]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1507000.00B\SYMEFA.SYS [2014-07-23 936152]
S1 BHDrvx86;BHDrvx86;c:\program files\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20150602.001\BHDrvx86.sys [2015-05-21 1172696]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360\1507000.00B\ccSetx86.sys [2014-02-20 127064]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-10-18 26248]
S1 IDSVix86;IDSVix86;c:\program files\Norton 360\NortonData\21.5.0.19\Definitions\IPSDefs\20150619.001\IDSvix86.sys [2015-06-20 523512]
S1 RapportCerberus_1412108;RapportCerberus_1412108;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412108.sys [2015-06-11 528600]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2015-05-28 279800]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2015-05-28 348632]
S1 RawDisk3;RawDisk3;c:\windows\system32\drivers\rawdsk3.sys [2014-10-23 28256]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1507000.00B\Ironx86.SYS [2014-08-06 209624]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\1507000.00B\SYMNETS.SYS [2014-07-23 447704]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/05 17:12];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-09-16 09:36 77296]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [2014-10-23 4700872]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\21.7.0.11\N360.exe [2015-03-07 265000]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [2011-09-14 71664]
S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-10-18 68464]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-05-28 2222360]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-05-27 113456]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2011-09-07 1117800]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 18:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-10 07:05 986440 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2015-06-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-21 10:25]
.
2015-06-21 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3740741272-41367026-2587978378-1001Core.job
- c:\users\Pol\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 13:50]
.
2015-06-21 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3740741272-41367026-2587978378-1001UA.job
- c:\users\Pol\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 13:50]
.
2015-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d046058817a5fc.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-19 18:03]
.
2015-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d046058a9b25f8.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-19 18:03]
.
2015-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3740741272-41367026-2587978378-1001Core.job
- c:\users\Pol\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-11 08:55]
.
2015-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3740741272-41367026-2587978378-1001UA.job
- c:\users\Pol\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-11 08:55]
.
2015-06-20 c:\windows\Tasks\HPCeeScheduleForPol.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.standaard.be/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: cbc.be\cbc-pdf
Trusted Zone: cbc.be\cbconline
Trusted Zone: cbc.be\static
Trusted Zone: cbc.be\www
Trusted Zone: cbc.eu\ipa-a
Trusted Zone: cbc.eu\ipa-f
Trusted Zone: cbc.eu\www
Trusted Zone: cbccorporate.be\secure
Trusted Zone: cbccorporate.be\www
Trusted Zone: csob.cz\www
Trusted Zone: csob.sk\www
Trusted Zone: fgov.be\*.minfin
Trusted Zone: isabel.be\*.IBS6
Trusted Zone: isabel.be\col
Trusted Zone: isabel.be\gotoIBS6
Trusted Zone: isabel.be\my
Trusted Zone: isabel.be\my.beta
Trusted Zone: isabel.be\pki
Trusted Zone: isabel.be\www
Trusted Zone: isabel.be\www.beta
Trusted Zone: isabel.eu\col
Trusted Zone: isabel.eu\www
Trusted Zone: isabel.eu\www.beta
Trusted Zone: kbc.be\kbc-pdf
Trusted Zone: kbc.be\kbconline
Trusted Zone: kbc.be\static
Trusted Zone: kbc.be\www
Trusted Zone: kbc.com\www
Trusted Zone: kbc.eu\www
Trusted Zone: kbcam.be\www
Trusted Zone: kbcam.com\www
Trusted Zone: kbcbankingforbusiness.com\www
Trusted Zone: kbccorporates.com\secure
Trusted Zone: kbccorporates.com\www
Trusted Zone: kbcfi.com\secure
Trusted Zone: kbcfi.com\www
Trusted Zone: kbcgroup.eu\multimediafiles
Trusted Zone: kbcgroup.eu\www
Trusted Zone: kbcmerchantbanking.com\secure
Trusted Zone: kbcmerchantbanking.com\www
Trusted Zone: kh.hu\www
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
Trusted Zone: nbb.be\*
Trusted Zone: socialsecurity.be\*
Trusted Zone: wise-corporate-ebanking.com\www
Trusted Zone: zoomit.be\*
TCP: DhcpNameServer = 195.130.131.129 195.130.130.1
DPF: Microsoft XML Parser for Java - file:///C:/windows/Java/classes/xmldso.cab
.
.
------- Bestandsassociaties -------
.
JSEFile=NOTEPAD.EXE "%1"
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-UDC Integration - (no file)
HKLM-Run-NPSStartup - (no file)
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0413.EXE
AddRemove-Finale 2012 - c:\program files\Finale 2012\uninstallFinale.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\21.7.0.11\N360.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\21.7.0.11\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\N360\1507000.00B\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files\Norton 360\Engine\21.7.0.11"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000000f
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2015-06-21 20:29:13
ComboFix-quarantined-files.txt 2015-06-21 18:29
.
Pre-Run: 62.216.908.800 bytes beschikbaar
Post-Run: 62.131.916.800 bytes beschikbaar
.
- - End Of File - - CF7BDB73292FBEE80BA622E32E3A7E51
A36C5E4F47E84449FF07ED3517B43A31