ComboFix 13-05-01.03 - LocalUser 02/05/2013  20:17:00.1.2 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.32.1043.18.2812.2063 [GMT 2:00]
Gestart vanuit: c:\users\LocalUser\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Nieuw herstelpunt werd aangemaakt
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Microsoft
c:\microsoft\IMJP10\imjp10u.dic
c:\program files (x86)\Common Files\packardbell.ico
c:\programdata\FullRemove.exe
C:\System
c:\system\win_qs8.jqx
c:\users\LocalUser\AppData\Local\assembly\tmp
c:\users\LocalUser\AppData\Roaming\vso_ts_preview.xml
c:\users\LocalUser\Documents\~WRL0001.tmp
c:\windows\iun6002.exe
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\272512937d9e61a4.fb
c:\windows\SysWow64\Cache\287204568329e189.fb
c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb
c:\windows\SysWow64\Cache\2c53092c95605355.fb
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb
c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb
c:\windows\SysWow64\Cache\3917078cb68ec657.fb
c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb
c:\windows\SysWow64\Cache\610289e025a3ee9a.fb
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\SysWow64\Cache\6d03dad1035885d3.fb
c:\windows\SysWow64\Cache\7ad5e9633c5d62b0.fb
c:\windows\SysWow64\Cache\a8556537add6dfc5.fb
c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb
c:\windows\SysWow64\Cache\c1fa887b03019701.fb
c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb
c:\windows\SysWow64\Cache\d201ef9910cd39de.fb
c:\windows\SysWow64\Cache\d2e94710a5708128.fb
c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb
c:\windows\SysWow64\Cache\f998975c9cc711ee.fb
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2013-04-02 to 2013-05-02  ))))))))))))))))))))))))))))))
.
.
2013-04-28 18:28 . 2013-04-28 18:29	--------	d-----w-	c:\programdata\VSO
2013-04-24 21:31 . 2013-04-12 14:45	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-23 18:03 . 2013-04-23 18:03	--------	d-----w-	c:\program files (x86)\Microsoft Games
2013-04-21 19:27 . 2013-04-21 19:27	--------	d-----w-	C:\Mozilla
2013-04-19 13:01 . 2013-04-19 13:01	--------	d-----w-	c:\windows\SysWow64\syncdb
2013-04-16 22:59 . 2013-02-07 20:44	175864	---ha-w-	c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2013-04-16 22:59 . 2013-02-07 20:44	429816	---ha-w-	c:\windows\SysWow64\BytescoutScreenCapturing.dll
2013-04-16 22:59 . 2013-02-07 20:44	261880	---ha-w-	c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2013-04-16 22:59 . 2013-02-07 20:44	231672	---ha-w-	c:\windows\system32\BytescoutVideoMixerFilter.dll
2013-04-16 22:59 . 2013-02-07 20:44	584952	---ha-w-	c:\windows\system32\BytescoutScreenCapturing.dll
2013-04-16 22:59 . 2013-02-07 20:44	372984	---ha-w-	c:\windows\system32\BytescoutScreenCapturingFilter.dll
2013-04-16 22:59 . 2013-04-16 22:59	--------	d-----w-	c:\program files\Apowersoft
2013-04-16 21:42 . 2013-04-16 21:42	--------	d-----w-	c:\program files\CCleaner
2013-04-16 14:51 . 2013-04-16 14:51	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2013-04-15 15:36 . 2013-04-15 15:36	--------	d-----w-	c:\windows\SysWow64\searchplugins
2013-04-15 15:36 . 2013-04-15 15:36	--------	d-----w-	c:\windows\SysWow64\Extensions
2013-04-15 15:35 . 2013-04-15 15:35	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\PDF Creator Packages
2013-04-15 15:34 . 2013-04-24 22:39	--------	d-----w-	c:\users\LocalUser\AppData\Local\CUSTPDF Writer
2013-04-15 15:33 . 2011-10-04 20:43	87552	----a-w-	c:\windows\system32\custmon64i.dll
2013-04-15 15:33 . 2013-04-15 15:33	--------	d-----w-	c:\program files (x86)\GPLGS
2013-04-15 15:33 . 2013-04-15 15:33	--------	d-----w-	c:\program files\PDFCreator
2013-04-15 15:33 . 2013-04-15 15:33	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\DSite
2013-04-15 15:33 . 2013-04-15 15:33	--------	d-----w-	c:\program files (x86)\PDFCreator
2013-04-13 21:45 . 2013-04-13 21:45	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\RealNetworks
2013-04-12 19:39 . 2013-04-12 19:41	--------	d-----w-	c:\users\LocalUser\AppData\Local\iLivid
2013-04-12 09:10 . 2012-10-08 17:52	31968	----a-w-	c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2013-04-12 09:10 . 2013-04-12 09:10	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\Apowersoft
2013-04-12 09:10 . 2013-04-12 09:10	--------	d-----w-	c:\users\LocalUser\AppData\Local\Programs
2013-04-12 09:05 . 2013-04-12 09:05	--------	d-----w-	c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-04-10 01:04 . 2013-02-22 06:12	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2013-04-10 01:04 . 2013-02-22 03:31	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-04-09 22:20 . 2013-02-15 06:06	3717632	----a-w-	c:\windows\system32\mstscax.dll
2013-04-09 10:28 . 2013-04-18 20:41	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\GrabIt
2013-04-09 10:19 . 2013-04-09 10:19	--------	d-----w-	c:\program files (x86)\GrabIt
2013-04-08 22:16 . 2013-05-01 08:50	--------	d-----w-	c:\users\LocalUser\AppData\Local\Spotnet
2013-04-08 22:12 . 2013-04-08 22:12	--------	d-----w-	c:\program files (x86)\Spotnet
2013-04-08 22:12 . 2013-04-26 20:46	--------	d-----w-	c:\programdata\Spotnet
2013-04-08 22:12 . 2013-04-08 22:12	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\Spotnet
2013-04-03 20:29 . 2013-04-03 20:29	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\AVG2013
2013-04-03 19:51 . 2013-04-03 19:51	--------	d-----w-	c:\users\LocalUser\AppData\Roaming\TuneUp Software
2013-04-03 19:45 . 2013-04-03 19:53	--------	d-----w-	c:\programdata\AVG2013
2013-04-03 18:07 . 2013-04-05 11:06	--------	d-----w-	c:\users\LocalUser\AppData\Local\Avg2013
2013-04-03 18:07 . 2013-04-03 18:07	--------	d-----w-	c:\users\LocalUser\AppData\Local\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-18 20:54 . 2012-04-03 21:31	691592	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-18 20:54 . 2011-07-08 23:19	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-10 01:06 . 2010-06-04 21:28	72702784	----a-w-	c:\windows\system32\MRT.exe
2013-04-04 12:50 . 2012-12-03 02:00	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-04-02 14:09 . 2013-04-02 14:09	4550656	----a-w-	c:\windows\SysWow64\GPhotos.scr
2013-03-24 23:59 . 2013-03-24 23:59	19968	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-02-26 21:40 . 2013-02-26 21:40	246072	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2013-02-19 08:39 . 2012-09-06 00:47	39768	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-02-14 01:52 . 2013-02-14 01:52	239416	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2013-02-12 05:45 . 2013-03-14 00:21	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-14 00:21	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-14 00:21	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-14 00:21	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-14 00:21	474112	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-14 00:21	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-02-08 02:37 . 2013-02-08 02:37	116536	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2013-02-08 02:37 . 2013-02-08 02:37	311096	----a-w-	c:\windows\system32\drivers\avgloga.sys
2013-02-08 02:37 . 2013-02-08 02:37	71480	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2013-02-08 02:37 . 2013-02-08 02:37	206136	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2013-02-08 02:37 . 2013-02-08 02:37	45880	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0SmartDefragBootTime.exe
.
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-02-26 246072]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-04 203264]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-02-27 4937264]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-02-19 282624]
R2 CDMA Device Service;CDMA Device Service;c:\program files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2007-11-28 1039872]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2009-04-28 29184]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [2012-06-16 218624]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-09-24 62720]
R2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2009-08-29 44312]
R2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-07-18 36328]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2012-10-08 31968]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-06-16 117248]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-06-16 13952]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2012-06-16 256000]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-05-27 82816]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-07-18 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-07-18 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-07-18 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-04 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 430424]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 18232]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-02-14 239416]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-19 39768]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-06-16 85504]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-06 317480]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-07-18 157672]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2013-04-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 20:54]
.
2010-10-04 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2010-10-09 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2013-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 02:22]
.
2013-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 02:22]
.
2013-04-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2653478186-2331377043-3951839879-1001Core.job
- c:\users\LocalUser\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-19 22:33]
.
2013-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2653478186-2331377043-3951839879-1001UA.job
- c:\users\LocalUser\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-19 22:33]
.
.
--------- X64 Entries -----------
.
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0813&m=easynote_lj71&r=27360510a955l0434z1j5f44i2u469
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0813&m=easynote_lj71&r=27360510a955l0434z1j5f44i2u469
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0B158C59-4DC4-4844-A9D6-D7F8F9C284DA}: NameServer = 217.72.230.1 217.72.230.129
TCP: Interfaces\{1A1E9B8A-8556-4610-AF4D-71E1F73FCA42}: NameServer = 217.72.230.129 217.72.230.1
TCP: Interfaces\{62723C8D-7E23-4F4C-B30A-935297789306}: NameServer = 217.72.230.129 217.72.230.1
TCP: Interfaces\{7C9F91F7-7C3F-4FD4-8C96-D76B82583A53}: NameServer = 217.72.230.1 217.72.230.129
TCP: Interfaces\{CDA717CF-B336-41E6-8E62-6CA219CC4CB8}: NameServer = 217.72.230.129 217.72.230.1
TCP: Interfaces\{E70183A2-D77D-445C-8CD2-819DB5E1C364}: NameServer = 217.72.230.1 217.72.230.129
FF - ProfilePath - 
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{ECE24DCF-8548-4655-B392-47A388721482} - (no file)
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
AddRemove-Athan - c:\windows\iun6002.exe
AddRemove-Convert Image To PDF_is1 - c:\program files (x86)\Softinterface
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-05-02  20:39:47 - machine werd herstart
ComboFix-quarantined-files.txt  2013-05-02 18:39
.
Pre-Run: 75.384.532.992 bytes beschikbaar
Post-Run: 75.573.833.728 bytes beschikbaar
.
- - End Of File - - C871FA1BCC6E51675A2365315A6732A7