ComboFix 12-08-13.01 - Familie F.Mieras 13-08-2012 23:23:59.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4061.1996 [GMT 2:00] Gestart vanuit: c:\users\Familie F.Mieras\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Familie F.Mieras\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome.manifest c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\install.rdf c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome.manifest c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\install.rdf c:\programdata\bghtibzsjztvaje c:\programdata\bghtibzsjztvaje\btn-green.png c:\programdata\bghtibzsjztvaje\corners-btn.png c:\programdata\bghtibzsjztvaje\corners1.png c:\programdata\bghtibzsjztvaje\corners2.png c:\programdata\bghtibzsjztvaje\corners3.png c:\programdata\bghtibzsjztvaje\corners4.png c:\programdata\bghtibzsjztvaje\ie6-7.css c:\programdata\bghtibzsjztvaje\McAfee.png c:\programdata\bghtibzsjztvaje\nl-flag.png c:\programdata\bghtibzsjztvaje\nl-image.png c:\programdata\bghtibzsjztvaje\pay7.png c:\programdata\bghtibzsjztvaje\pay8.png c:\programdata\bghtibzsjztvaje\pay9.png c:\programdata\bghtibzsjztvaje\steps-en.png c:\programdata\bghtibzsjztvaje\steps-nl.png c:\programdata\bghtibzsjztvaje\style.css c:\programdata\bghtibzsjztvaje\tabs.png c:\programdata\bghtibzsjztvaje\wait.html c:\programdata\vkesuhgbgmqvxkc c:\programdata\vkesuhgbgmqvxkc\btn-green.png c:\programdata\vkesuhgbgmqvxkc\corners-btn.png c:\programdata\vkesuhgbgmqvxkc\corners1.png c:\programdata\vkesuhgbgmqvxkc\corners2.png c:\programdata\vkesuhgbgmqvxkc\corners3.png c:\programdata\vkesuhgbgmqvxkc\corners4.png c:\programdata\vkesuhgbgmqvxkc\ie6-7.css c:\programdata\vkesuhgbgmqvxkc\McAfee.png c:\programdata\vkesuhgbgmqvxkc\nl-flag.png c:\programdata\vkesuhgbgmqvxkc\nl-image.png c:\programdata\vkesuhgbgmqvxkc\pay7.png c:\programdata\vkesuhgbgmqvxkc\pay8.png c:\programdata\vkesuhgbgmqvxkc\pay9.png c:\programdata\vkesuhgbgmqvxkc\steps-en.png c:\programdata\vkesuhgbgmqvxkc\steps-nl.png c:\programdata\vkesuhgbgmqvxkc\style.css 
c:\programdata\vkesuhgbgmqvxkc\tabs.png c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome.manifest c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\chrome\nch_en.jar c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\ConduitAutoCompleteSearch.js c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\ConduitAutoCompleteSearch.xpt c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\alertSettingsComponent.xml c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\appContextMenu.xml c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\fbAlert.js c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\getAppsContextMenu.xml c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\postAppsContextMenu.xml c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\toolbarContextMenu.xml c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\defaults\unsharedAppsContextMenu.xml c:\users\Familie 
F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\install.rdf c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\META-INF\manifest.mf c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\META-INF\zigbert.rsa c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\META-INF\zigbert.sf c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Chat.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\DataStructures.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\EBEncryption.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\ExternalLibraryLoader.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\HTTP.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\IO.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Log.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\MainSingleton.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\MD5.jsm 
c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Notifications.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\ObserversAndEvents.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Prefs.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\SearchProtector.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\SearchSuggestIO.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\String.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\TEAEncryption.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Timer.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Twitter.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\URL.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\WebProgress.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\Windows.jsm c:\users\Familie 
F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\modules\XML.jsm c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\Plugins\np-mswmp.dll c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\searchplugin\conduit.xml c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\version.txt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))) . . 2012-08-13 21:28 . 2012-08-13 21:28 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-13 20:48 . 2012-08-13 20:49 -------- d-----w- c:\users\Familie F.Mieras\AppData\Local\CrashDumps 2012-08-13 20:38 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ED853F4E-0210-4436-90E3-83FCA4EEFEFF}\mpengine.dll 2012-08-13 20:32 . 2012-08-13 20:41 -------- d-----w- c:\users\Familie F.Mieras\AppData\Roaming\Systweak 2012-08-13 20:32 . 2012-02-14 10:49 114176 ----a-w- c:\windows\SysWow64\PCWizard.cpl 2012-08-13 20:32 . 2012-08-13 20:32 -------- d-----w- c:\program files (x86)\CPUID 2012-08-13 19:41 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-13 16:22 . 2012-08-13 19:40 -------- d-----w- c:\users\LogMeInRemoteUser 2012-07-30 20:47 . 2012-07-30 20:47 -------- d-----w- c:\users\Familie F.Mieras\AppData\Local\LogMeIn 2012-07-30 20:47 . 2012-07-05 16:10 59808 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll 2012-07-30 20:47 . 2012-07-05 16:10 34720 ----a-w- c:\windows\system32\LMIport.dll 2012-07-30 20:47 . 2012-07-05 16:11 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-07-30 20:47 . 
2012-06-08 10:06 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys 2012-07-30 20:47 . 2012-07-05 16:10 80800 ----a-w- c:\windows\system32\LMIinit.dll 2012-07-30 20:47 . 2012-08-13 06:06 -------- d-----w- c:\programdata\LogMeIn 2012-07-30 20:47 . 2012-07-30 20:48 -------- d-----w- c:\program files (x86)\LogMeIn 2012-07-30 20:24 . 2012-07-30 20:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-07-30 20:24 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 22:26 . 2012-04-20 06:34 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-03 22:26 . 2011-10-27 06:22 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-13 22:33 . 2011-01-04 19:27 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-12 03:08 . 2012-07-13 22:35 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-06-09 05:43 . 2012-07-13 20:04 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-08 10:05 . 2012-06-08 10:05 35616 ----a-w- c:\windows\system32\lmimirr.dll 2012-06-08 10:05 . 2012-06-08 10:05 14624 ----a-w- c:\windows\system32\lmimirr2.dll 2012-06-08 10:05 . 2012-06-08 10:05 11552 ----a-w- c:\windows\system32\drivers\lmimirr.sys 2012-06-06 06:06 . 2012-07-13 20:04 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-13 20:04 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-13 20:04 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-13 20:04 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-13 20:04 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-13 20:04 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-22 06:42 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 
2012-06-22 06:42 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-22 06:42 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-22 06:42 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-22 06:42 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-22 06:42 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-22 06:42 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-22 06:41 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-22 06:41 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 12:49 . 2012-07-13 22:32 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-06-02 12:17 . 2012-07-13 22:32 10924032 ----a-w- c:\windows\system32\ieframe.dll 2012-06-02 12:12 . 2012-07-13 22:32 2311680 ----a-w- c:\windows\system32\jscript9.dll 2012-06-02 12:05 . 2012-07-13 22:32 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-06-02 12:05 . 2012-07-13 22:32 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-06-02 12:04 . 2012-07-13 22:32 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-06-02 12:04 . 2012-07-13 22:32 237056 ----a-w- c:\windows\system32\url.dll 2012-06-02 12:03 . 2012-07-13 22:32 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-06-02 12:01 . 2012-07-13 22:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-06-02 12:00 . 2012-07-13 22:32 818688 ----a-w- c:\windows\system32\jscript.dll 2012-06-02 11:59 . 2012-07-13 22:32 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-06-02 11:57 . 2012-07-13 22:32 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-06-02 11:57 . 2012-07-13 22:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-06-02 11:54 . 2012-07-13 22:32 248320 ----a-w- c:\windows\system32\ieui.dll 2012-06-02 08:33 . 2012-07-13 22:32 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-06-02 08:25 . 
2012-07-13 22:32 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-06-02 08:25 . 2012-07-13 22:32 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-06-02 08:20 . 2012-07-13 22:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-06-02 08:16 . 2012-07-13 22:32 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-06-02 05:50 . 2012-07-13 20:04 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-13 20:04 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:48 . 2012-07-13 20:04 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:45 . 2012-07-13 20:04 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-13 20:04 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-13 20:04 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-13 20:04 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-13 20:04 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-13 20:04 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-13_19.59.17 ))))))))))))))))))))))))))))))))))))))))) . + 2010-12-30 19:49 . 2012-08-13 20:00 59456 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-13 20:00 42536 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-01-04 19:21 . 2012-08-13 20:00 18346 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3308618918-2118675356-1865267735-1001_UserData.bin + 2011-01-04 12:31 . 2012-08-13 19:58 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-01-04 12:31 . 2012-08-13 19:46 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-01-04 12:31 . 
2012-08-13 19:58 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-01-04 12:31 . 2012-08-13 19:46 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-08-13 19:46 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-13 19:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-04-11 14:59 . 2012-04-11 14:59 77128 c:\windows\Downloaded Program Files\LMIProxyHelper.exe + 2012-04-11 14:59 . 2012-04-11 14:59 8592 c:\windows\system32\ractrlkeyhook.dll - 2012-08-13 19:58 . 2012-08-13 19:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-13 21:28 . 2012-08-13 21:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-13 21:28 . 2012-08-13 21:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-08-13 19:58 . 2012-08-13 19:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-08-13 19:58 424480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-08-13 21:28 424480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-08-13 20:49 . 2012-08-13 20:49 334736 c:\windows\Downloaded Program Files\swscale-2.dll + 2012-05-15 08:33 . 2012-05-15 08:33 310160 c:\windows\Downloaded Program Files\LMIGuardianEvt.dll + 2012-05-15 08:33 . 2012-05-15 08:33 375184 c:\windows\Downloaded Program Files\LMIGuardian.exe + 2012-08-13 20:49 . 2012-08-13 20:49 144272 c:\windows\Downloaded Program Files\LMIBroker.exe + 2012-08-13 20:49 . 2012-08-13 20:49 178576 c:\windows\Downloaded Program Files\avutil-51.dll + 2012-05-15 08:33 . 
2012-05-15 08:33 6042000 c:\windows\Downloaded Program Files\RACtrl.dll + 2012-05-15 08:33 . 2012-05-15 08:33 1311632 c:\windows\Downloaded Program Files\LMIGuardianDll.dll + 2011-01-04 22:22 . 2012-08-13 21:28 21018208 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3308618918-2118675356-1865267735-1001-12288.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-06 39408] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696] "Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 1117528] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-03 518640] "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-04 559616] . c:\users\Familie F.Mieras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384] OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 245120] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Connected Home Utility.lnk - c:\program files (x86)\Sweex\Common\RaUI.exe [2012-4-5 502784] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-06 136176] R2 KMService;KMService;c:\windows\system32\srvany.exe [x] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368] R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-06 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552] R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio 
Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656] R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008] R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064] R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-04 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400] S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-05 375208] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2012-06-08 15928] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 
NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x] S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Sweex\Common\RaRegistry64.exe [2009-12-10 212256] S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 netr28ux;Sweex Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\netr28ux.sys [2010-07-27 1241952] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] . . Inhoud van de 'Gedeelde Taken' map . 2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 22:26] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-06 21:11] . 2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-06 21:11] . 2012-08-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11] . 2012-08-13 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-06-08 57928] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Familie F.Mieras\AppData\Roaming\Mozilla\Firefox\Profiles\o60hmzmq.default\ FF - prefs.js: browser.startup.homepage - www.google.nl FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file) . . . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Sweex\Common\RaRegistry.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Voltooingstijd: 2012-08-13 23:44:11 - machine werd herstart
ComboFix-quarantined-files.txt 2012-08-13 21:44
ComboFix2.txt 2012-08-13 20:14
.
Pre-Run: 414.868.295.680 bytes beschikbaar
Post-Run: 414.790.705.152 bytes beschikbaar
.
- - End Of File - - 84330F768A4D777C6311835A31921190