ComboFix 16-01-01.01 - WF 01/01/2016 13:12:07.1.3 - x86
Gestart vanuit: h:\00 pc vista\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
c:\users\WF\001.jpg
c:\users\WF\002.jpg
c:\users\WF\003.jpg
c:\users\WF\AppData\Roaming\inst.exe
c:\windows\system32\sysdir
c:\windows\system32\sysdir\sycd7.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2015-12-01 to 2016-01-01 ))))))))))))))))))))))))))))))
.
.
2016-01-01 12:40 . 2016-01-01 12:41 -------- d-----w- c:\users\WF\AppData\Local\temp
2016-01-01 12:40 . 2016-01-01 12:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-01 12:40 . 2016-01-01 12:40 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-12-31 18:11 . 2015-01-29 01:35 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2015-12-31 18:10 . 2015-08-13 14:15 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2015-12-31 18:10 . 2015-08-13 14:15 102912 ----a-w- c:\windows\system32\drivers\srvnet.sys
2015-12-31 18:09 . 2015-01-29 01:35 975360 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-12-31 18:09 . 2015-07-21 16:07 56256 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-12-31 18:09 . 2015-07-21 16:07 140224 ----a-w- c:\windows\system32\drivers\ecache.sys
2015-12-31 18:09 . 2015-07-21 16:03 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-12-31 18:09 . 2015-07-21 16:03 564224 ----a-w- c:\windows\system32\emdmgmt.dll
2015-12-31 18:08 . 2015-07-03 16:04 1316864 ----a-w- c:\windows\system32\ole32.dll
2015-12-31 18:07 . 2015-09-02 21:26 1402368 ----a-w- c:\windows\system32\msxml6.dll
2015-12-31 18:07 . 2015-09-02 21:26 1253376 ----a-w- c:\windows\system32\msxml3.dll
2015-12-31 18:06 . 2015-07-31 19:27 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-31 18:05 . 2015-06-17 15:09 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-12-31 18:05 . 2015-06-17 16:50 2264576 ----a-w- c:\windows\system32\msi.dll
2015-12-31 18:05 . 2015-06-12 16:01 298496 ----a-w- c:\windows\system32\gdi32.dll
2015-12-31 18:04 . 2015-04-24 15:54 532480 ----a-w- c:\windows\system32\comctl32.dll
2015-12-31 18:03 . 2015-07-10 19:37 2067968 ----a-w- c:\windows\system32\mstscax.dll
2015-12-31 18:02 . 2015-03-05 02:32 244152 ----a-w- c:\windows\system32\clfs.sys
2015-12-31 18:02 . 2015-03-05 02:23 57344 ----a-w- c:\windows\system32\clfsw32.dll
2015-12-31 17:56 . 2014-11-26 02:05 564224 ----a-w- c:\windows\system32\oleaut32.dll
2015-12-31 17:51 . 2015-12-31 17:56 -------- d-----w- C:\60810123da4076b6d5
2015-12-31 17:51 . 2015-11-02 17:04 179200 ----a-w- c:\windows\system32\els.dll
2015-12-31 17:50 . 2015-10-17 16:01 501248 ----a-w- c:\windows\system32\kerberos.dll
2015-12-31 17:49 . 2015-12-16 09:15 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DFD05B9-609A-4912-835E-D1363A74BFBC}\mpengine.dll
2015-12-31 17:49 . 2015-07-18 16:03 68608 ----a-w- c:\windows\system32\basesrv.dll
2015-12-31 17:48 . 2015-01-21 02:02 807936 ----a-w- c:\windows\system32\msctf.dll
2015-12-31 16:47 . 2015-12-31 17:47 -------- d-----w- C:\5e9cb318585a61335394f9281ff334
2015-12-31 14:38 . 2015-08-05 15:59 602112 ----a-w- c:\windows\system32\schedsvc.dll
2015-12-31 14:37 . 2015-10-14 20:22 1206192 ----a-w- c:\windows\system32\ntdll.dll
2015-12-31 14:37 . 2015-07-21 16:03 49664 ----a-w- c:\windows\system32\csrsrv.dll
2015-12-31 14:37 . 2015-01-09 00:18 64000 ----a-w- c:\windows\system32\smss.exe
2015-12-31 14:37 . 2015-10-14 16:01 3606464 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-12-31 14:37 . 2015-10-14 16:01 3554752 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-12-31 14:36 . 2015-10-01 16:03 940032 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-12-31 14:36 . 2015-11-05 07:26 2048 ----a-w- c:\windows\system32\tzres.dll
2015-12-31 14:34 . 2015-05-31 08:11 225792 ----a-w- c:\windows\system32\cewmdm.dll
2015-12-31 14:31 . 2015-04-10 23:22 279552 ----a-w- c:\windows\system32\services.exe
2015-12-31 14:27 . 2015-10-10 16:02 526272 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-12-31 14:27 . 2014-12-08 01:59 306176 ----a-w- c:\windows\system32\scesrv.dll
2015-12-31 14:27 . 2015-07-01 15:57 199680 ----a-w- c:\windows\system32\WebClnt.dll
2015-12-31 14:27 . 2015-07-09 14:25 151040 ----a-w- c:\windows\system32\notepad.exe
2015-12-31 14:27 . 2015-07-09 14:25 151040 ----a-w- c:\windows\notepad.exe
2015-12-31 14:27 . 2015-11-10 17:03 1208832 ----a-w- c:\windows\system32\comsvcs.dll
2015-12-31 14:27 . 2015-11-10 17:03 488448 ----a-w- c:\windows\system32\catsrvut.dll
2015-12-31 14:24 . 2015-11-05 07:34 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-12-31 14:24 . 2015-05-04 22:50 7680 ----a-w- c:\windows\system32\spwmp.dll
2015-12-31 14:24 . 2015-05-04 22:50 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-12-31 14:24 . 2015-05-04 22:50 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-12-31 14:24 . 2015-05-04 21:21 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2015-12-31 14:24 . 2015-05-04 21:21 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2015-12-31 14:24 . 2015-05-04 21:21 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2015-12-31 14:24 . 2015-05-04 21:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2015-12-31 14:23 . 2015-06-27 14:21 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-12-31 14:23 . 2015-06-27 14:21 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-12-31 14:23 . 2015-01-09 00:17 107008 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-12-31 14:23 . 2015-09-26 16:04 206336 ----a-w- c:\windows\system32\ncrypt.dll
2015-12-31 14:23 . 2015-06-27 16:02 218112 ----a-w- c:\windows\system32\msv1_0.dll
2015-12-31 14:23 . 2015-09-26 16:05 281600 ----a-w- c:\windows\system32\schannel.dll
2015-12-31 14:23 . 2015-06-27 16:03 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2015-12-31 14:23 . 2015-06-27 16:01 801280 ----a-w- c:\windows\system32\advapi32.dll
2015-12-31 14:23 . 2015-09-26 13:21 274432 ----a-w- c:\windows\system32\bcrypt.dll
2015-12-31 14:23 . 2015-09-22 13:11 440768 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-12-31 10:25 . 2015-12-31 10:25 -------- d-----w- c:\program files\Speccy
2015-12-30 22:43 . 2015-12-30 10:47 322760 ----a-w- c:\windows\system32\aswBoot.exe
2015-12-30 19:09 . 2015-12-30 19:10 -------- d-----w- C:\EEK
2015-12-30 10:47 . 2015-12-30 10:47 165104 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-12-30 10:47 . 2015-12-30 10:47 43112 ----a-w- c:\windows\avastSS.scr
2015-12-29 09:07 . 2015-12-29 09:07 -------- d-----w- c:\programdata\G DATA
2015-12-28 11:30 . 2015-12-09 12:48 1309184 ----a-w- C:\zoek.exe
2015-12-28 11:03 . 2015-12-28 11:03 -------- d-----w- C:\zoek_backup
2015-12-27 22:24 . 2016-01-01 11:33 -------- d-----w- c:\users\WF\00 VISTA PC
2015-12-27 22:03 . 2015-12-31 13:53 -------- d-----w- C:\AdwCleaner
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-31 10:36 . 2014-01-05 16:01 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-12-31 10:36 . 2014-01-05 16:01 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-30 22:43 . 2014-12-02 11:24 436360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-12-30 22:43 . 2014-12-02 11:24 81168 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-12-30 22:00 . 2014-08-20 19:14 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-30 10:47 . 2014-12-02 11:24 58016 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-12-30 10:47 . 2014-12-02 11:24 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-12-30 10:47 . 2014-12-02 11:24 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-12-30 10:47 . 2014-12-02 11:24 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-12-30 10:47 . 2014-12-02 11:24 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-12-30 10:46 . 2014-12-02 11:24 794952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-12-28 10:33 . 2013-12-16 14:26 900 --sha-w- c:\programdata\KGyGaAvL.sys
2015-12-02 12:25 . 2013-12-07 10:02 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-05 08:50 . 2014-08-20 19:13 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-05 08:50 . 2014-08-20 19:13 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 08:50 . 2014-01-04 12:48 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-12 18:30 . 2013-12-20 23:50 10491392 ----a-w- c:\program files\Inpaint.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-12-30 10:47 750216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{859DB984-73BC-4FF9-A5F3-2C5505EF2253}"
[HKEY_CLASSES_ROOT\CLSID\{859DB984-73BC-4FF9-A5F3-2C5505EF2253}]
2012-04-09 14:27 158224 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 14:27 158224 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OODIIcon]
@="{14A94384-BBED-47ed-86C0-6BF63FD892D0}"
[HKEY_CLASSES_ROOT\CLSID\{14A94384-BBED-47ed-86C0-6BF63FD892D0}]
2013-09-12 08:59 100656 ----a-w- c:\program files\OO Software\DiskImage\oodishi.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-11-21 5282584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-12-30 7021880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0NaBootMir
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^WF^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\users\WF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllMyNotes]
2014-12-24 13:31 3270256 ----a-w- c:\program files\AllMyNotes Organizer\AllMyNotes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2014-11-21 18:41 5282584 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FmsProxy]
2013-02-13 16:46 1710264 ----a-w- c:\program files\High-Logic MainType\FmsProxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2014-07-25 13:51 2403104 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODITRAY.EXE]
2013-09-12 08:59 3849008 ----a-w- c:\program files\OO Software\DiskImage\ooditray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-05-28 14:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-11-20 16:15 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SOS Browser Monitor]
2014-06-24 14:13 72704 ----a-w- c:\program files\Steganos Online Shield\SteganosBrowserMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SOS_Agent]
2014-06-24 15:33 4481880 ----a-w- c:\program files\Steganos Online Shield\OnlineShieldClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-10-27 17:10 6553144 ----a-w- c:\users\WF\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-10-27 17:10 1514040 ----a-w- c:\users\WF\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 08:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2014-12-19 08:38 248176 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolwizTimeFreeze]
2014-03-16 14:38 1660216 ----a-w- c:\program files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-12-13 17:00 1385808 ----a-w- c:\users\WF\AppData\Roaming\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VIDC04EN]
2014-03-05 06:03 1480008 ----a-w- c:\program files\ACD Systems\ACDSee Video Converter 4.1\acdIDInTouch2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vspdfprsrv.exe]
2013-05-16 14:53 7008256 ----a-w- c:\program files\Avanquest\PDF Experte 9 Professional\vspdfprsrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
2014-04-01 12:38 2007392 ----a-w- c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2014-07-17 14:46 833024 ----a-w- c:\program files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-146039125-382958225-3636407129-1000]
"EnableNotificationsRef"=dword:00000001
.
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832]
R3 AE3000;Linksys AE3000 Driver;c:\windows\system32\DRIVERS\AE3000vista.sys [2012-10-09 1205344]
R4 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0;ABBYY.Licensing.FineReader.ScreenshotReader.9.0;c:\program files\ABBYY Screenshot Reader\NetworkLicenseServer.exe [2009-05-15 759048]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-30 23:26 1000264 ----a-w- c:\program files\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2016-01-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-05 10:36]
.
2016-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-12-30 23:25]
.
2016-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-12-30 23:25]
.
.
------- Bijkomende Scan -------
.
uStart Page = https://www.google.be/
mStart Page = hxxp://www.aldi.com/
TCP: Interfaces\{F341A24A-5B40-4B32-AE4F-310908F9C2A3}: NameServer = 192.168.10.1
FF - ProfilePath - c:\users\WF\AppData\Roaming\Mozilla\Firefox\Profiles\czzwbdkr.default-1449785766505\
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
HKCU-Run-ABBYY Screenshot Reader Retail - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
MSConfigStartUp-Advanced SystemCare 7 - c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe
MSConfigStartUp-BootNaMir - c:\program files\Wondershare\Time Freeze\BootSP.exe
MSConfigStartUp-CyberGhost - c:\program files\CyberGhost 5\CyberGhost.EXE
MSConfigStartUp-EaseUs Tray - c:\program files\EaseUS\Todo Backup\bin\TrayNotify.exe
MSConfigStartUp-EaseUs Watch - c:\program files\EaseUS\Todo Backup\bin\EuWatch.exe
MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe
MSConfigStartUp-NOELauncher - c:\program files\Norman\nsc\bin\noelauncher.exe
MSConfigStartUp-Norman ZANDA - c:\program files\Norman\Npm\Bin\ZLH.EXE
MSConfigStartUp-Password Depot - c:\program files\AceBIT\Password Depot 7\PasswordDepot.exe
MSConfigStartUp-Privatefirewall - c:\program files\Privacyware\Privatefirewall 7.0\PFGUI.exe
MSConfigStartUp-Sonic PDF Print Dispatcher - c:\program files\Investintech.com Inc\Sonic PDF Creator\3.0\itSONPrnDisp.exe
MSConfigStartUp-SuperEasy 1-Click Backup - c:\program files\SuperEasy Software\1-Click Backup Free\bin\backupClient-sez1cb.exe
MSConfigStartUp-toolbar_eula_launcher - c:\program files\GoogleEULA\EULALauncher.exe
MSConfigStartUp-Zoner Photo Studio Service 16 - c:\program files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEc:\program files\Zoner\Photo Studio 16\Program32\ZPSService.exe
AddRemove-{039BC111-1600-6CEF-A8E5-198B376ED64D}_is1 - c:\program files\SuperEasy Software\Photo Booster\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-01-01 13:41
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
.
c:\users\WF\AppData\Local\Temp\catchme.dll 53248 bytes executable
C:\avast! sandbox
.
Scan succesvol afgerond
verborgen bestanden: 2
.
**************************************************************************
.
Voltooingstijd: 2016-01-01 13:44:30
ComboFix-quarantined-files.txt 2016-01-01 12:44
.
Pre-Run: 285.008.756.736 bytes beschikbaar
Post-Run: 285.011.611.648 bytes beschikbaar
.
- - End Of File - - 5A9CE96DA80B9C033068BB87B13A0ED7
671B81004FDD1588FA9ED1331C9CECA9