ComboFix 16-02-23.01 - Rudi 27/02/2016 16:24:18.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.4030.1017 [GMT 1:00] Gestart vanuit: C:\Users\Rudi\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((( Bestanden Gemaakt van 2016-01-27 to 2016-02-27 )))))))))))))))))))))))))))))) 2016-02-27 15:38:06 . 2016-02-27 15:38:06 -------- d-----w- C:\Users\Default\AppData\Local\temp 2016-02-23 19:16:59 . 2016-02-23 19:16:59 -------- d-----w- C:\Program Files (x86)\ESET 2016-02-22 19:34:21 . 2016-02-22 19:34:21 -------- d-----w- C:\ProgramData\Validity 2016-02-22 19:29:34 . 2016-02-22 18:33:56 24064 ----a-w- C:\windows\zoek-delete.exe 2016-02-22 19:29:32 . 2016-02-27 15:45:58 -------- d-----w- C:\Users\Rudi\AppData\Local\Temp 2016-02-22 18:41:11 . 2016-02-22 18:41:11 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71648AF6-E914-4A50-B92D-434D667897BB}\offreg.6712.dll 2016-02-21 19:15:18 . 2016-02-21 19:15:18 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71648AF6-E914-4A50-B92D-434D667897BB}\offreg.6084.dll 2016-02-21 19:07:24 . 2015-11-25 11:02:18 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71648AF6-E914-4A50-B92D-434D667897BB}\mpengine.dll 2016-02-21 10:20:18 . 2016-02-21 10:20:26 -------- d-----w- C:\Users\Rudi\AppData\Local\ApplicationHistory 2016-02-21 10:16:52 . 2016-02-21 10:16:52 -------- d-----w- C:\windows\SysWow64\URTTEMP 2016-02-21 10:12:45 . 2016-02-21 10:12:45 -------- d-----w- C:\windows\SysWow64\cvirte 2016-02-21 10:12:45 . 2005-11-17 13:23:02 133120 ----a-w- C:\windows\SysWow64\TacxUSB.dll 2016-02-21 10:12:45 . 2003-07-29 08:00:00 45056 ----a-w- C:\windows\SysWow64\cvirt.dll 2016-02-21 10:12:45 . 
2003-07-29 08:00:00 413770 ----a-w- C:\windows\SysWow64\cviauto.dll 2016-02-21 10:12:45 . 2003-07-29 08:00:00 131072 ----a-w- C:\windows\SysWow64\dataskt.dll 2016-02-21 10:11:42 . 2004-04-18 22:39:58 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll 2016-02-21 10:11:42 . 2004-04-18 22:39:28 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll 2016-02-21 10:11:41 . 2004-04-18 22:42:00 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll 2016-02-21 10:11:41 . 2004-04-18 22:40:42 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll 2016-02-21 10:11:41 . 2004-04-18 22:39:14 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe 2016-02-20 08:55:21 . 2016-02-20 08:55:21 -------- d-----w- C:\Users\Rudi\AppData\Local\Shalsoft 2016-02-20 08:55:21 . 2016-02-20 08:55:21 -------- d-----w- C:\Temp 2016-02-10 18:19:33 . 2016-02-10 18:13:21 37144 ----a-w- C:\windows\system32\drivers\aswKbd.sys 2016-02-10 18:17:26 . 2016-02-10 18:17:08 398152 ----a-w- C:\windows\system32\aswBoot.exe 2016-02-10 18:14:03 . 2016-02-10 18:14:03 52184 ----a-w- C:\windows\avastSS.scr 2016-01-30 20:05:18 . 2016-01-30 20:05:18 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll 2016-01-30 20:05:16 . 2016-01-30 20:05:16 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll 2016-01-30 16:58:10 . 2010-08-31 11:27:00 110592 ----a-w- C:\windows\SysWow64\wdapi1021.dll 2016-01-30 16:56:55 . 2016-01-30 16:56:55 -------- d-----w- C:\Program Files\Garmin 2016-01-30 16:56:01 . 2016-01-30 16:56:55 -------- d-----w- C:\windows\SysWow64\Silabs 2016-01-30 16:54:22 . 
2016-01-30 16:54:22 -------- d-----w- C:\ProgramData\Tacx 2016-01-30 16:54:20 . 2010-08-31 11:23:30 254976 ----a-w- C:\windows\system32\drivers\windrvr6.sys 2016-01-30 16:51:12 . 2016-01-30 16:51:12 -------- d-----w- C:\Program Files (x86)\Tacx 2016-01-30 16:50:01 . 2009-12-05 18:42:28 85504 ----a-w- C:\windows\SysWow64\ff_vfw.dll 2016-01-30 16:50:00 . 2016-02-21 10:18:19 -------- d-----w- C:\Program Files (x86)\ffdshow 2016-01-30 16:29:34 . 2016-01-30 16:58:44 -------- d-----w- C:\ProgramData\Ant . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2016-02-23 19:15:03 . 2011-07-20 13:13:44 463744 ----a-w- C:\windows\system32\drivers\aswsp.sys 2016-02-13 10:21:54 . 2012-04-04 17:05:26 796864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2016-02-13 10:21:54 . 2011-07-20 19:40:13 142528 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2016-02-10 18:20:23 . 2013-03-21 18:02:34 287016 ----a-w- C:\windows\system32\drivers\aswvmm.sys 2016-02-10 18:17:10 . 2014-01-22 16:22:06 165344 ----a-w- C:\windows\system32\drivers\aswStm.sys 2016-02-10 18:17:08 . 2014-05-29 17:54:47 37656 ----a-w- C:\windows\system32\drivers\aswHwid.sys 2016-02-10 18:17:08 . 2013-03-21 18:02:34 74544 ----a-w- C:\windows\system32\drivers\aswRvrt.sys 2016-02-10 18:17:08 . 2011-07-20 13:13:44 107792 ----a-w- C:\windows\system32\drivers\aswMonFlt.sys 2016-02-10 18:17:05 . 2012-02-26 15:49:17 103064 ----a-w- C:\windows\system32\drivers\aswRdr2.sys 2016-02-10 18:13:22 . 2011-07-20 17:02:52 1065720 ----a-w- C:\windows\system32\drivers\aswSnx.sys 2015-12-02 12:18:58 . 2011-07-20 12:57:41 301728 ------w- C:\windows\system32\MpSigStub.exe 2013-11-09 07:53:37 . 
2013-11-09 07:53:36 4216840 ----a-w- C:\Program Files (x86)\Common Files\vcredist.exe ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 199488 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dropbox Update"="C:\Users\Rudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-20 18:57:39 134512] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 19:41:42 12274688] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 17:00:32 283160] "HP HD Webcam [Fixed]_Monitor"="C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31:18 267128] "HPConnectionManager"="c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 22:49:04 94264] "HPQuickWebProxy"="c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-02-11 00:44:28 76344] "IFXSPMGT"="c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2011-01-20 05:55:18 1125728] "Desktop Disc Tool"="C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2011-04-18 21:57:14 522736] "QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-07-06 16:17:46 323128] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 14:26:48 60712] "lxdxmon.exe"="C:\Program Files (x86) (x86)\Lexmark 3600-4600 Series\lxdxmon.exe" [2010-02-04 00:27:55 672424] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2016-02-16 18:35:11 7139768] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 17:08:50 334896] 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [2016-01-28 09:20:58 1403304] C:\Users\Rudi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - C:\Users\Rudi\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2016-2-21 25122080] IconRestorer.lnk - C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe auto [2011-7-20 1666560] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2011-02-03 23:09:12 75360 ----a-w- C:\Windows\System32\DeviceNP.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli R2 bb3pdrv;bb3pdrv;C:\windows\system32\bb3pdrv.sys;C:\windows\SYSNATIVE\bb3pdrv.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [x] R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x] R2 
lxdxCATSCustConnectService;lxdxCATSCustConnectService;C:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe;C:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxdxserv.exe [x] R3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\windows\system32\DRIVERS\BrSerIb.sys;C:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x] R3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\windows\system32\DRIVERS\BrUsbSIb.sys;C:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x] R3 btwampfl;Bluetooth AMP USB Filter;C:\windows\system32\drivers\btwampfl.sys;C:\windows\SYSNATIVE\drivers\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys;C:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] R3 DAMDrv;DAMDrv;C:\windows\system32\DRIVERS\DAMDrv64.sys;C:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudbus.sys;C:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\Windows\SysWOW64\flcdlock.exe;c:\Windows\SysWOW64\flcdlock.exe [x] R3 HP ProtectTools Service;HP ProtectTools Service;c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x] R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x] R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;C:\windows\system32\DRIVERS\libusb0.sys;C:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;C:\Program Files (x86)\Common Files\Roxio 
Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x] R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\windows\system32\DRIVERS\SNTUSB64.SYS;C:\windows\SYSNATIVE\DRIVERS\SNTUSB64.SYS [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\system32\DRIVERS\ssudmdm.sys;C:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys;C:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\windows\system32\drivers\CM10664.sys;C:\windows\SYSNATIVE\drivers\CM10664.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;C:\windows\system32\Wat\WatAdminSvc.exe;C:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! VM Monitor; [x] S0 MfeEpePc;MfeEpePc; [x] S0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys;C:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 aswKbd;aswKbd;C:\windows\system32\drivers\aswKbd.sys;C:\windows\SYSNATIVE\drivers\aswKbd.sys [x] S1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys;C:\windows\SYSNATIVE\drivers\aswSnx.sys [x] S1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys;C:\windows\SYSNATIVE\drivers\aswSP.sys [x] S1 PersonalSecureDrive;PersonalSecureDrive;C:\windows\System32\drivers\psd.sys;C:\windows\SYSNATIVE\drivers\psd.sys [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 aswHwid;avast! 
HardwareID;C:\windows\system32\drivers\aswHwid.sys;C:\windows\SYSNATIVE\drivers\aswHwid.sys [x] S2 aswMonFlt;aswMonFlt;C:\windows\system32\drivers\aswMonFlt.sys;C:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 aswStm;aswStm;C:\windows\system32\drivers\aswStm.sys;C:\windows\SYSNATIVE\drivers\aswStm.sys [x] S2 HPDayStarterService;HP DayStarter Service;c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x] S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x] S2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x] S2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe;C:\windows\SYSNATIVE\Hpservice.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [x] S2 lxdx_device;lxdx_device;C:\windows\system32\lxdxcoms.exe;C:\windows\SYSNATIVE\lxdxcoms.exe [x] S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x] S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [x] S2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;C:\Program 
Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x] S2 Sentinel64;Sentinel64;C:\windows\System32\Drivers\Sentinel64.sys;C:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x] S2 SentinelKeysServer;Sentinel Keys Server;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x] S2 uArcCapture;ArcCapture;C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\system32\vcsFPService.exe;C:\windows\SYSNATIVE\vcsFPService.exe [x] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\system32\DRIVERS\ArcSoftVCapture.sys;C:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x] S3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys;C:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x] S3 johci;JMicron 1394 Filter Driver;C:\windows\system32\DRIVERS\johci.sys;C:\windows\SYSNATIVE\DRIVERS\johci.sys [x] S3 SPUVCbv;SPUVCb Driver Service;C:\windows\system32\Drivers\SPUVCbv_x64.sys;C:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - WS2IFSL [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-05-19 18:36:40 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2016-02-20 08:22:35 1088664 ----a-w- C:\Program Files 
(x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe Inhoud van de 'Gedeelde Taken' map 2016-02-27 C:\windows\Tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-06 18:04:37 . 2016-02-13 10:21:54] 2016-02-24 C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1745162922-1544886962-622675663-1002Core.job - C:\Users\Rudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20 18:57:40 . 2015-06-20 18:57:39] 2016-02-27 C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1745162922-1544886962-622675663-1002UA.job - C:\Users\Rudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20 18:57:40 . 2015-06-20 18:57:39] 2016-02-27 C:\windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 19:44:35 . 2015-08-31 17:53:25] 2016-02-27 C:\windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 19:44:35 . 2015-08-31 17:53:25] 2016-02-01 C:\windows\Tasks\HPCeeScheduleForRudi.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15:40 . 2010-09-14 06:15:40] 2016-02-26 C:\windows\Tasks\SyncBack afbeeldingen.job - C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-07-20 17:48:58 . 2010-11-08 13:42:46] 2014-02-27 C:\windows\Tasks\SyncBack cad tekeningen prive.job - C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-07-20 17:48:58 . 2010-11-08 13:42:46] 2016-02-21 C:\windows\Tasks\SyncBack documenten.job - C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-07-20 17:48:58 . 2010-11-08 13:42:46] 2012-12-25 C:\windows\Tasks\SyncBack muziek.job - C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2011-07-20 17:48:58 . 
2010-11-08 13:42:46] --------- X64 Entries ----------- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2016-01-15 19:45:36 775096 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2016-01-15 19:45:36 775096 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2016-01-15 19:45:36 775096 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2016-02-16 18:37:08 236352 ----a-w- C:\Users\Rudi\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2016-02-10 18:17:06 905248 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPPowerAssistant"="C:\Program 
Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 02:10:56 13880] "Broadcom Wireless Manager UI"="C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2011-05-05 13:01:39 5398528] "IgfxTray"="C:\windows\system32\igfxtray.exe" [2011-02-07 09:03:14 167960] "HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2011-02-07 09:02:52 391704] "Persistence"="C:\windows\system32\igfxpers.exe" [2011-02-07 09:03:04 418328] "Cm106Sound"="C:\windows\Syswow64\cm106.dll" [2013-01-18 03:04:25 8757248] ------- Bijkomende Scan ------- uStart Page = hxxp://www.google.com uLocal Page = C:\windows\system32\blank.htm mLocal Page = C:\Windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: belgium.be\policeonweb TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\i3e0fsb9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - ExtSQL: !HIDDEN! 
2014-02-26 21:30; quick_start@gmail.com; C:\Users\Rudi\AppData\Roaming\Mozilla\Firefox\Profiles\i3e0fsb9.default\extensions\quick_start@gmail.com - - - - ORPHANS VERWIJDERD - - - - Toolbar-10 - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-10 - (no file) HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-B1FreeArchiver - C:\Program Files (x86)\B1 Free Archiver\installer.exe AddRemove-USB_ANT_SIUSBXP_3_1&1004&0FCF - C:\windows\system32\Silabs\DriverUninstaller.exe USBXpress\USB_ANT_SIUSBXP_3_1&1004&0FCF AddRemove-{0733d53f-b41d-47cc-b336-d95751c4b2cb} - C:\ProgramData\Package Cache\{0733d53f-b41d-47cc-b336-d95751c4b2cb}\GarminExpressInstaller.exe AddRemove-{42f02a91-da9c-48e1-8dc5-37f4449db969} - C:\ProgramData\Package Cache\{42f02a91-da9c-48e1-8dc5-37f4449db969}\GarminExpressInstaller.exe AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - C:\ProgramData\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-1745162922-1544886962-622675663-1002\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.19" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\'**'Ï] @="'??" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\*] @="?" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\ØK`*¸K`*] @="?`?`" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\ŽRÖ&**€*] @="??&?\02" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\ÎRÖ&**€*] @="??&?\08" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\SÖ&**€*] @="??&?\02" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\ØYˆÐÏ`*] @="???`" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) ------------------------ Andere Aktieve Processen ------------------------ C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Rudi\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe C:\Program Files 
(x86)\FSL\IconRestorer\IconRestorer.exe c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe ************************************************************************** Voltooingstijd: 2016-02-27 16:54:58 - machine werd herstart ComboFix-quarantined-files.txt 2016-02-27 15:54:51 Pre-Run: 125.683.576.832 bytes beschikbaar Post-Run: 125.137.494.016 bytes beschikbaar - - End Of File - - 47367FEB0E6817E1C541D97A347A456C