The ComboFix log:
ComboFix 17-10-17.01 - Thomas 11-11-2017 15:54:52.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.5589.3299 [GMT 1:00]
Gestart vanuit: d:\thomas\Bureaublad\ComboFix.exe
AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\0922503211MN
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_ctypes.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_elementtree.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_hashlib.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_multiprocessing.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_psutil_windows.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_socket.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_ssl.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\_yappi.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\common.time34.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\hashobjs_ext.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\pyexpat.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\pysqlite2._sqlite.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\python27.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\pythoncom27.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\PyWinTypes27.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\select.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\thumbnails_ext.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\unicodedata.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\usb_ext.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32api.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32com.shell.shell.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32crypt.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32event.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32file.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32gui.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32inet.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32pdh.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32pipe.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32process.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32profile.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32security.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\win32ts.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\windows._lib_cacheinvalidation.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._animate.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._controls_.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._core_.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._gdi_.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._html2.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._misc_.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._windows_.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wx._wizard.pyd
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wxbase30u_net_vc90.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wxbase30u_vc90.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wxmsw30u_adv_vc90.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wxmsw30u_core_vc90.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wxmsw30u_html_vc90.dll
c:\users\Thomas\AppData\Local\Temp\_MEI45162\wxmsw30u_webview_vc90.dll
c:\windows\security\logs\scecomp.log
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2017-10-11 to 2017-11-11 ))))))))))))))))))))))))))))))
.
.
2017-11-11 15:16 . 2017-11-11 15:16 252232 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2017-11-11 15:11 . 2017-11-11 15:11 -------- d-----w- c:\users\Thijs\AppData\Local\temp
2017-11-11 15:11 . 2017-11-11 15:11 -------- d-----w- c:\users\Public\AppData\Local\temp
2017-11-11 15:11 . 2017-11-11 15:11 -------- d-----w- c:\users\Nienke\AppData\Local\temp
2017-11-11 15:11 . 2017-11-11 15:11 -------- d-----w- c:\users\Karin\AppData\Local\temp
2017-11-11 15:11 . 2017-11-11 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-11-09 17:55 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2017-11-07 22:08 . 2017-11-07 22:08 -------- d-----w- c:\users\Thomas\AppData\Local\Disc_Soft_Ltd
2017-11-07 21:39 . 2017-11-07 21:39 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2017-11-07 21:38 . 2017-11-07 21:38 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2017-11-07 21:38 . 2017-11-07 22:01 -------- d-----w- c:\users\Thomas\AppData\Roaming\DAEMON Tools Lite
2017-11-07 21:37 . 2017-11-07 21:39 -------- d-----w- c:\program files\DAEMON Tools Lite
2017-11-07 21:36 . 2017-11-07 21:37 -------- d-----w- c:\programdata\DAEMON Tools Lite
2017-11-06 00:56 . 2017-11-06 00:56 -------- d-----w- c:\users\Thomas\AppData\Local\ESET
2017-11-01 11:58 . 2017-11-01 11:58 51016 ----a-w- c:\windows\system32\DbxSvc.exe
2017-11-01 11:58 . 2017-11-01 11:58 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2017-11-01 11:58 . 2017-11-01 11:58 45640 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2017-11-01 11:58 . 2017-11-01 11:58 45640 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2017-10-29 04:08 . 2017-10-29 04:08 18459880 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2017-10-26 13:53 . 2017-10-26 13:53 -------- d-----w- c:\users\Thomas\AppData\Local\Smart PC Soft
2017-10-26 13:52 . 2017-10-26 13:52 -------- d-----w- c:\program files (x86)\Smart PC Soft
2017-10-26 13:44 . 2017-10-26 13:44 -------- d-----w- c:\users\Thomas\AppData\Local\PlutoTV
2017-10-26 10:11 . 2017-10-26 10:11 -------- d-----w- c:\users\Thomas\AppData\Local\Opera Software
2017-10-26 10:11 . 2017-10-26 10:11 -------- d-----w- c:\users\Thomas\AppData\Roaming\Opera Software
2017-10-24 14:23 . 2017-10-24 14:23 -------- d-----w- c:\users\Karin\AppData\Roaming\Zeon
2017-10-24 14:22 . 2017-10-24 14:22 -------- d-----w- c:\users\Karin\AppData\Roaming\Nuance
2017-10-23 04:48 . 2017-10-25 04:32 84256 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-10-22 23:37 . 2017-10-22 23:37 18896 ----a-w- c:\program files (x86)\Mozilla Firefox\qipcap64.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-11-09 20:24 . 2015-12-07 21:55 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-10-26 09:58 . 2014-01-11 08:32 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-10-26 09:58 . 2011-07-22 10:11 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-10-11 07:19 . 2017-10-11 07:19 126925120 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-10-11 07:18 . 2013-12-28 02:38 126925120 -c--a-w- c:\windows\system32\MRT.exe
2017-10-04 11:15 . 2017-10-10 16:15 77440 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-09-13 15:33 . 2017-10-11 05:38 631176 ----a-w- c:\windows\system32\winresume.efi
2017-09-13 15:32 . 2017-10-11 05:38 706792 ----a-w- c:\windows\system32\winload.efi
2017-09-13 15:32 . 2017-10-11 05:38 5547752 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-09-13 15:32 . 2017-10-11 05:38 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-09-13 15:32 . 2017-10-11 05:38 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-09-13 15:31 . 2017-10-11 05:38 1732864 ----a-w- c:\windows\system32\ntdll.dll
2017-09-13 15:28 . 2017-10-11 05:38 448512 ----a-w- c:\windows\system32\wlansec.dll
2017-09-13 15:28 . 2017-10-11 05:38 414208 ----a-w- c:\windows\system32\wlanmsm.dll
2017-09-13 15:28 . 2017-10-11 05:38 118784 ----a-w- c:\windows\system32\wlanhlp.dll
2017-09-13 15:28 . 2017-10-11 05:38 886272 ----a-w- c:\windows\system32\wlansvc.dll
2017-09-13 15:28 . 2017-10-11 05:38 113664 ----a-w- c:\windows\system32\wlanapi.dll
2017-09-13 15:28 . 2017-10-11 05:38 362496 ----a-w- c:\windows\system32\wow64win.dll
2017-09-13 15:28 . 2017-10-11 05:38 215552 ----a-w- c:\windows\system32\winsrv.dll
2017-09-13 15:28 . 2017-10-11 05:38 243712 ----a-w- c:\windows\system32\wow64.dll
2017-09-13 15:28 . 2017-10-11 05:38 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2017-09-13 15:28 . 2017-10-11 05:38 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-09-13 15:28 . 2017-10-11 05:38 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-09-13 15:28 . 2017-10-11 05:38 503808 ----a-w- c:\windows\system32\srcore.dll
2017-09-13 15:28 . 2017-10-11 05:38 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-09-13 15:28 . 2017-10-11 05:38 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-09-13 15:28 . 2017-10-11 05:38 50176 ----a-w- c:\windows\system32\srclient.dll
2017-09-13 15:28 . 2017-10-11 05:38 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2017-09-13 15:28 . 2017-10-11 05:38 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-09-13 15:28 . 2017-10-11 05:38 345600 ----a-w- c:\windows\system32\schannel.dll
2017-09-13 15:28 . 2017-10-11 05:38 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-09-13 15:28 . 2017-10-11 05:38 28160 ----a-w- c:\windows\system32\secur32.dll
2017-09-13 15:28 . 2017-10-11 05:38 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2017-09-13 15:28 . 2017-10-11 05:38 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-09-13 15:28 . 2017-10-11 05:38 1068544 ----a-w- c:\windows\system32\msctf.dll
2017-09-13 15:28 . 2017-10-11 05:38 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-09-13 15:28 . 2017-10-11 05:38 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-09-13 15:28 . 2017-10-11 05:38 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-09-13 15:27 . 2017-10-11 05:38 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-09-13 15:27 . 2017-10-11 05:38 731648 ----a-w- c:\windows\system32\kerberos.dll
2017-09-13 15:27 . 2017-10-11 05:38 1163264 ----a-w- c:\windows\system32\kernel32.dll
2017-09-13 15:27 . 2017-10-11 05:38 419840 ----a-w- c:\windows\system32\KernelBase.dll
2017-09-13 15:27 . 2017-10-11 05:38 44032 ----a-w- c:\windows\system32\csrsrv.dll
2017-09-13 15:27 . 2017-10-11 05:38 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-09-13 15:27 . 2017-10-11 05:38 22016 ----a-w- c:\windows\system32\credssp.dll
2017-09-13 15:27 . 2017-10-11 05:38 463872 ----a-w- c:\windows\system32\certcli.dll
2017-09-13 15:27 . 2017-10-11 05:38 880640 ----a-w- c:\windows\system32\advapi32.dll
2017-09-13 15:27 . 2017-10-11 05:38 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-09-13 15:27 . 2017-10-11 05:38 59904 ----a-w- c:\windows\system32\appidapi.dll
2017-09-13 15:27 . 2017-10-11 05:38 34816 ----a-w- c:\windows\system32\appidsvc.dll
2017-09-13 15:27 . 2017-10-11 05:38 6656 ----a-w- c:\windows\system32\apisetschema.dll
2017-09-13 15:27 . 2017-10-11 05:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 05:38 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-09-13 15:13 . 2017-10-11 05:38 4001512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13 . 2017-10-11 05:38 3945704 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10 . 2017-10-11 05:38 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2017-09-13 15:09 . 2017-10-11 05:38 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-09-13 15:09 . 2017-10-11 05:38 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-09-13 15:09 . 2017-10-11 05:38 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2017-09-13 15:09 . 2017-10-11 05:38 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2017-09-13 15:09 . 2017-10-11 05:38 392704 ----a-w- c:\windows\SysWow64\wlansec.dll
2017-09-13 15:09 . 2017-10-11 05:38 428032 ----a-w- c:\windows\SysWow64\wlanmsm.dll
2017-09-13 15:09 . 2017-10-11 05:38 83968 ----a-w- c:\windows\SysWow64\wlanhlp.dll
2017-09-13 15:09 . 2017-10-11 05:38 80896 ----a-w- c:\windows\SysWow64\wlanapi.dll
2017-09-13 15:09 . 2017-10-11 05:38 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2017-09-13 15:09 . 2017-10-11 05:38 82944 ----a-w- c:\windows\SysWow64\bcrypt.dll
2017-09-13 15:09 . 2017-10-11 05:38 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2017-09-13 15:09 . 2017-10-11 05:38 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2017-09-13 15:09 . 2017-10-11 05:38 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-09-13 15:09 . 2017-10-11 05:38 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-09-13 15:09 . 2017-10-11 05:38 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2017-09-13 15:09 . 2017-10-11 05:38 261120 ----a-w- c:\windows\SysWow64\msv1_0.dll
2017-09-13 15:09 . 2017-10-11 05:38 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2017-10-09 25621648]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-10-18 10021040]
"AppEx Accelerator UI"="c:\program files\AMD Quick Stream\AMDQuickStream.exe" [2015-04-05 488640]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" [2017-08-04 1986280]
"Spotify Web Helper"="c:\users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2017-04-19 1446000]
"{9168D391-E9F7-46D5-90C9-99C567C3C6A0}"="c:\windows\system32\msiexec.exe" [2016-11-09 73216]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2017-08-14 4836032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2015-09-24 41360]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2015-09-24 840592]
"QHSafeTray"="c:\program files (x86)\360\Total Security\safemon\QHSafeTray.exe" [2016-08-10 1153448]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2017-11-01 3567928]
"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2013-08-15 31048]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2016-02-03 139776]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2014-05-22 4513792]
"BrHelp"="c:\program files (x86)\Brother\Brother Help\BrotherHelp.exe" [2013-03-07 1944576]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2017-07-04 1053656]
"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2013-08-15 47432]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-07-23 2303152]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2017-9-28 850944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox-update-service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\DRIVERS\360AvFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360AvFlt.sys [x]
R3 360Camera;360Safe Camera Filter Service;c:\windows\system32\Drivers\360Camera64.sys;c:\windows\SYSNATIVE\Drivers\360Camera64.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 dbupdatem;Dropbox-update-service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dbx;dbx;c:\windows\system32\DRIVERS\dbx.sys;c:\windows\SYSNATIVE\DRIVERS\dbx.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 tap-tb-0901;TunnelBear Adapter V9;c:\windows\system32\DRIVERS\tap-tb-0901.sys;c:\windows\SYSNATIVE\DRIVERS\tap-tb-0901.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;USB RNDIS6-adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 360Box64;360Box mini-filter driver;c:\windows\system32\DRIVERS\360Box64.sys;c:\windows\SYSNATIVE\DRIVERS\360Box64.sys [x]
S1 360FsFlt;360FsFlt mini-filter driver;c:\windows\system32\DRIVERS\360FsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x]
S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV64.sys;c:\windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 QHActiveDefense;360 Total Security;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\Drivers\360AntiHacker64.sys;c:\windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\Drivers\mbamswissarmy.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2017-11-11 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-26 10:03]
.
2017-11-11 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-26 10:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-11-01 11:44 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2017-10-09 08:33 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2017-10-09 08:33 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2017-10-09 08:33 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-07-21 23:02 803488 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-07-21 23:02 803488 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-07-21 23:02 803488 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-07-22 500936]
"NUSB3MON"="c:\program files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe" [2012-04-11 97280]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL =
www.google.com
mDefault_Page_URL =
www.google.com
mStart Page =
www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page =
www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 89.101.251.229 89.101.251.228
FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\17tu91df.default-1457531331141\
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-363389516-363886808-2250518415-1001_Classes\Wow6432Node\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden]
.
[HKEY_USERS\S-1-5-21-363389516-363886808-2250518415-1001_Classes\Wow6432Node\CLSID\{130F8154-E804-4BD5-A07B-35BE69039715}\{A730F6F3-255C-417C-8986-2C578500547E}*Hidden\DeltaClock]
"LastSynchronizationClock"=hex(b):80,05,46,7f,55,39,d2,08
"DeltaClock"=hex(b):2b,18,fa,fe,ff,ff,ff,ff
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_183_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_27_0_0_183_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_183_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_27_0_0_183_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_183.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.27"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_183.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_183.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_27_0_0_183.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\360\Total Security\safemon\QHWatchdog.exe
c:\program files\Malwarebytes\Anti-Malware\mbamtray.exe
c:\program files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
.
**************************************************************************
.
Voltooingstijd: 2017-11-11 16:30:55 - machine werd herstart
ComboFix-quarantined-files.txt 2017-11-11 15:30
ComboFix2.txt 2015-12-07 20:42
ComboFix3.txt 2015-12-07 17:01
.
Pre-Run: 57.805.324.288 bytes beschikbaar
Post-Run: 58.266.521.600 bytes beschikbaar
.
- - End Of File - - 5E58A7E92237F21EA6BE4C835261AFEB
A36C5E4F47E84449FF07ED3517B43A31