ComboFix 12-01-21.02 - rajni 22-01-2012 3:35.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1791.756 [GMT 1:00]
Gestart vanuit: c:\users\rajni\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\rajni\AppData\Roaming\vso_ts_preview.xml
c:\windows\system32\java.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 ))))))))))))))))))))))))))))))
.
.
2012-01-22 02:40 . 2012-01-22 02:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-01-22 02:40 . 2012-01-22 02:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-11 02:03 . 2012-01-11 02:03 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-01-10 23:53 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-10 23:53 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 23:53 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-10 23:53 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-10 23:53 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-10 23:53 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-10 23:53 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-10 23:53 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-06 23:41 . 2012-01-06 23:41 -------- d-----w- c:\program files (x86)\Foxit Software
2012-01-01 18:36 . 2012-01-01 18:38 -------- d-----w- c:\users\rajni\AppData\Roaming\Vso
2012-01-01 18:36 . 2009-09-02 11:44 65602 ----a-w- c:\windows\SysWow64\cook3260.dll
2012-01-01 18:36 . 2009-09-02 11:44 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll
2012-01-01 18:36 . 2009-09-02 11:44 217127 ----a-w- c:\windows\SysWow64\drv43260.dll
2012-01-01 18:36 . 2009-09-02 11:44 208935 ----a-w- c:\windows\SysWow64\drv33260.dll
2012-01-01 18:36 . 2009-09-02 11:44 176165 ----a-w- c:\windows\SysWow64\drv23260.dll
2012-01-01 18:36 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll
2012-01-01 18:36 . 2009-09-02 11:44 102439 ----a-w- c:\windows\SysWow64\sipr3260.dll
2012-01-01 18:35 . 2012-01-01 18:36 -------- d-----w- c:\program files (x86)\VSO
2011-12-30 19:48 . 2011-12-30 19:49 -------- d-----w- c:\users\rajni\AppData\Local\Deployment
2011-12-30 19:48 . 2011-12-30 19:48 -------- d-----w- c:\users\rajni\AppData\Local\Apps
2011-12-28 20:10 . 2012-01-12 12:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-12-27 20:37 . 2011-12-27 23:50 -------- d-----w- c:\users\rajni\AppData\Roaming\AVS4YOU
2011-12-27 20:37 . 2011-09-16 15:05 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll
2011-12-27 20:36 . 2011-12-27 20:37 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2011-12-27 20:36 . 2011-12-27 20:37 -------- d-----w- c:\programdata\AVS4YOU
2011-12-27 20:36 . 2011-12-27 20:37 -------- d-----w- c:\program files (x86)\AVS4YOU
2011-12-27 20:36 . 2011-08-22 15:33 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2011-12-27 20:36 . 2011-08-22 15:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-12-25 21:25 . 2011-12-25 21:25 -------- d-----w- c:\users\rajni\AppData\Roaming\Malwarebytes
2011-12-25 21:25 . 2011-12-25 21:25 -------- d-----w- c:\programdata\Malwarebytes
2011-12-25 21:24 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-23 21:58 . 2011-12-23 21:58 -------- d-----w- c:\program files\Macrium
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-22 14:54 . 2011-12-22 14:54 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2011-12-22 14:54 . 2011-12-22 14:54 43672 ----a-w- c:\windows\system32\drivers\psmounter.sys
2011-12-13 22:07 . 2011-12-13 22:08 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2011-12-13 22:07 . 2011-11-20 01:21 660368 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-30 19:36 . 2011-11-19 19:42 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-11-24 04:52 . 2011-12-16 00:25 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 01:15 . 2011-11-20 01:15 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-20 00:49 . 2011-11-20 00:49 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-11-20 00:27 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-19 23:21 . 2011-11-19 23:21 53248 ----a-r- c:\users\rajni\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-11-19 22:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-19 22:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-11-19 20:39 . 2011-11-19 20:39 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-11-19 20:39 . 2011-11-19 20:39 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-11-19 20:39 . 2011-11-19 20:39 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-11-19 20:39 . 2011-11-19 20:39 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-11-19 20:39 . 2011-11-19 20:39 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-11-19 20:39 . 2011-11-19 20:39 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-11-19 20:39 . 2011-11-19 20:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-11-19 20:39 . 2011-11-19 20:39 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-11-19 20:39 . 2011-11-19 20:39 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-11-19 20:39 . 2011-11-19 20:39 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-11-19 20:39 . 2011-11-19 20:39 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-11-19 20:39 . 2011-11-19 20:39 222208 ----a-w- c:\windows\system32\msls31.dll
2011-11-19 20:39 . 2011-11-19 20:39 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-11-19 20:39 . 2011-11-19 20:39 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-11-19 20:39 . 2011-11-19 20:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-11-19 20:39 . 2011-11-19 20:39 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-11-19 20:39 . 2011-11-19 20:39 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-11-19 20:39 . 2011-11-19 20:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-11-19 20:39 . 2011-11-19 20:39 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-11-19 20:39 . 2011-11-19 20:39 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-11-19 20:39 . 2011-11-19 20:39 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-11-19 20:39 . 2011-11-19 20:39 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-11-19 20:39 . 2011-11-19 20:39 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-11-19 20:39 . 2011-11-19 20:39 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-11-19 20:39 . 2011-11-19 20:39 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-11-19 20:39 . 2011-11-19 20:39 448512 ----a-w- c:\windows\system32\html.iec
2011-11-19 20:39 . 2011-11-19 20:39 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-19 20:39 . 2011-11-19 20:39 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-11-19 20:39 . 2011-11-19 20:39 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-11-19 20:39 . 2011-11-19 20:39 160256 ----a-w- c:\windows\system32\wextract.exe
2011-11-19 20:39 . 2011-11-19 20:39 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-11-19 20:39 . 2011-11-19 20:39 12288 ----a-w- c:\windows\system32\mshta.exe
2011-11-19 20:39 . 2011-11-19 20:39 114176 ----a-w- c:\windows\system32\admparse.dll
2011-11-19 20:39 . 2011-11-19 20:39 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-11-09 10:03 . 2011-11-20 00:37 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-11-05 05:32 . 2011-12-16 00:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-16 00:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-04 01:53 . 2011-12-16 02:04 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-11-04 01:44 . 2011-12-16 02:04 1390080 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 01:44 . 2011-12-16 02:04 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 01:34 . 2011-12-16 02:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-03 22:47 . 2011-12-16 02:04 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-11-03 22:40 . 2011-12-16 02:04 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-11-03 22:39 . 2011-12-16 02:04 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-03 22:31 . 2011-12-16 02:04 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-10-26 05:21 . 2011-12-16 00:25 43520 ----a-w- c:\windows\system32\csrsrv.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WD Quick View.lnk - c:\program files\Western Digital\WD SmartWare\WDDMStatus.exe [2011-8-1 4221840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr7364.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-12-22 301720]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1302000.00A\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1302000.00A\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [2011-12-01 1157240]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1302000.00A\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120120.002\IDSvia64.sys [2011-11-29 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1302000.00A\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1302000.00A\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe [2011-08-10 138760]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-11-09 498208]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-08-01 317328]
S2 WDFMEService;WDFMEService;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-08-01 1978256]
S2 WDRulesService;WDRulesService;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-08-01 1338256]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-19 138360]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.nl/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\rajni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
TCP: DhcpNameServer = 10.0.0.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.2.0.10\diMaster.dll\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3079376381-2054548843-520714141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3079376381-2054548843-520714141-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\TeamViewer\Version7\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version7\tv_w32.exe
.
**************************************************************************
.
Voltooingstijd: 2012-01-22 03:44:25 - machine werd herstart
ComboFix-quarantined-files.txt 2012-01-22 02:44
.
Pre-Run: 285.893.320.704 bytes beschikbaar
Post-Run: 285.779.484.672 bytes beschikbaar
.
- - End Of File - - 2C261E96E644E1EA9DDE1B528DA6F16A