ComboFix 15-07-18.01 - Nancy 19/07/2015 8:40.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3511.1950 [GMT 2:00]
Gestart vanuit: c:\users\Nancy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0413.exe
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2015-06-19 to 2015-07-19 ))))))))))))))))))))))))))))))
.
.
2015-07-19 06:49 . 2015-07-19 06:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-07-19 06:49 . 2015-07-19 06:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-19 06:42 . 2015-07-19 06:42 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B112882-22F8-4AC8-9D13-4EF7DAA5BA27}\offreg.2940.dll
2015-07-18 19:54 . 2015-07-18 19:54 -------- d-----w- c:\users\Nancy\AppData\Roaming\VSRevoGroup
2015-07-18 19:49 . 2015-03-25 07:53 28256 ----a-w- c:\windows\system32\drivers\rawdsk3.sys
2015-07-18 19:49 . 2015-07-18 19:49 -------- d-----w- C:\logs
2015-07-18 19:49 . 2015-07-18 23:37 -------- d-----w- c:\programdata\iolo
2015-07-18 19:49 . 2015-07-18 19:49 -------- d-----w- c:\users\Nancy\AppData\Roaming\iolo
2015-07-18 16:50 . 2015-07-18 16:50 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B112882-22F8-4AC8-9D13-4EF7DAA5BA27}\offreg.3328.dll
2015-07-18 15:36 . 2015-06-12 07:54 9252600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B112882-22F8-4AC8-9D13-4EF7DAA5BA27}\mpengine.dll
2015-07-18 08:01 . 2015-07-18 08:02 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-18 08:01 . 2015-07-18 08:01 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-07-18 08:01 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-18 08:01 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 08:01 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-18 06:03 . 2015-07-18 06:03 -------- d-----w- c:\users\Nancy\AppData\Local\Apple Computer
2015-07-18 06:03 . 2015-07-18 06:03 -------- d-----w- c:\users\Nancy\AppData\Roaming\Titanium
2015-07-18 06:02 . 2015-07-18 06:02 26624 ----a-w- c:\windows\system32\drivers\tap0901.sys
2015-07-18 06:01 . 2015-07-18 06:05 -------- d-----w- c:\program files\pia_manager
2015-07-16 11:53 . 2015-07-16 11:53 -------- d-----w- c:\users\Nancy\AppData\Local\CEF
2015-07-08 19:46 . 2015-07-08 19:46 -------- d-----w- c:\windows\system32\siscardplugins
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-05 21:18 . 2012-09-29 14:41 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-05 21:18 . 2011-11-06 13:09 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-06-23 11:27 . 2010-06-28 23:04 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-04-22 20:10 . 2014-10-16 09:34 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-24 10:05 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SybaseCentral43"="c:\top\SQL Anywhere 9\Shared\Sybase Central 4.3\win32\scjview.exe" [2005-03-31 102400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-02 9222760]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-17 5227648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2010-08-25 18:45 171032 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-08-25 18:45 136216 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrVolOSD]
2009-12-11 13:18 348960 ----a-w- c:\program files\Launch Manager\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-08-25 18:45 170520 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2015-07-18 16:46 1694560 ----a-w- c:\users\Nancy\AppData\Roaming\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton]
2010-06-21 11:53 436264 ----a-w- c:\program files\Launch Manager\WButton.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DBISQL9"="c:\top\SQL Anywhere 9\SQL Anywhere 9\win32\dbisqlg.exe" -preload
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"RtHDVBg"=c:\program files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-12-24 91496]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0wdm.sys [2014-05-14 131064]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-02-09 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-05-24 193056]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-12-29 583680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-02-09 49664]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-19 1343400]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2009-10-22 118560]
R3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [2009-05-13 13720]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys [2011-06-17 240736]
R4 SQLAgent$KLUWER2008R2;SQL Server Agent (KLUWER2008R2);c:\program files\Microsoft SQL Server\MSSQL10_50.KLUWER2008R2\MSSQL\Binn\SQLAGENT.EXE [2011-06-17 370016]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-12-24 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-12-24 423784]
S1 RawDisk3;RawDisk3;c:\windows\system32\drivers\rawdsk3.sys [2015-03-25 28256]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-12-24 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-12-24 70384]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MSSQL$KLUWER2008R2;SQL Server (KLUWER2008R2);c:\program files\Microsoft SQL Server\MSSQL10_50.KLUWER2008R2\MSSQL\Binn\sqlservr.exe [2011-06-17 43040096]
S2 Realtek11nSU;Realtek11nSU;c:\program files\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2015-06-24 5097232]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-12-24 218192]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-12-24 3192344]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys [2011-06-20 115808]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 232960]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-03-04 67624]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-01 1009184]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Inhoud van de 'Gedeelde Taken' map
.
2015-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 21:18]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
Trusted Zone: fgov.be
Trusted Zone: fgov.be\*.minfin
Trusted Zone: fgov.be\ccff02.minfin
Trusted Zone: fgov.be\minfin
Trusted Zone: nbb.be\cbso
Trusted Zone: nbb.be\www
Trusted Zone: nespresso.com\nesclub
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Nancy\AppData\Roaming\Mozilla\Firefox\Profiles\cd6dpzrg.default-1437237930325\
.
- - - - ORPHANS VERWIJDERD - - - -
.
MSConfigStartUp-swg - c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
MSConfigStartUp-SynTPEnh - c:\program files\synaptics\syntp\syntpenh.exe
AddRemove-BDE Install - c:\windows\ISUN0413.EXE
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2015-07-19 08:50:48
ComboFix-quarantined-files.txt 2015-07-19 06:50
ComboFix2.txt 2014-02-25 16:29
.
Pre-Run: 144.164.032.512 bytes beschikbaar
Post-Run: 144.229.609.472 bytes beschikbaar
.
- - End Of File - - DFF9AD44660CACDC7D22303ABCE05A07
4624822E540EC83CD0819525C65846BA