ComboFix 13-05-22.01 - Balbi 22/05/2013 17:20:22.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3957.2132 [GMT 2:00]
Gestart vanuit: c:\users\Balbi\Desktop\ComboFix.exe
AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6261\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
c:\programdata\PCDr\6261\AddOnDownloaded\1ea63693-456f-437c-857f-522df77e7357.dll
c:\programdata\PCDr\6261\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll
c:\programdata\PCDr\6261\AddOnDownloaded\32ac3173-77bd-4ec6-9638-94e174508c22.dll
c:\programdata\PCDr\6261\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll
c:\programdata\PCDr\6261\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll
c:\programdata\PCDr\6261\AddOnDownloaded\3e0b29b2-9809-4050-abfc-ef8aff73ceab.dll
c:\programdata\PCDr\6261\AddOnDownloaded\4d4f44db-c9f0-4cc8-a32f-e98ea4fff68d.dll
c:\programdata\PCDr\6261\AddOnDownloaded\5f2ce3e8-3c56-40bb-86d6-a1a41867000b.dll
c:\programdata\PCDr\6261\AddOnDownloaded\7b6e388f-35d0-44f8-aa2c-20538273473f.dll
c:\programdata\PCDr\6261\AddOnDownloaded\7dd123b0-30e9-4f67-b7e2-20e7374cbb87.dll
c:\programdata\PCDr\6261\AddOnDownloaded\88bde4bf-b24d-4cb6-92ef-eb02d3276f09.dll
c:\programdata\PCDr\6261\AddOnDownloaded\96c23f75-9f21-4ef8-a3c8-1a554b815309.dll
c:\programdata\PCDr\6261\AddOnDownloaded\97cd9b9c-9747-469a-acfa-cfbf8aed528a.dll
c:\programdata\PCDr\6261\AddOnDownloaded\9cdc7b97-c1d2-495c-8b7f-12fd3c7e14b8.dll
c:\programdata\PCDr\6261\AddOnDownloaded\be661974-a339-4e9a-bea4-bda0af68ba7f.dll
c:\programdata\PCDr\6261\AddOnDownloaded\bea3f575-677a-4c92-89ca-7be8480c11a9.dll
c:\programdata\PCDr\6261\AddOnDownloaded\c0ff87a7-2f82-4d5e-8d0f-38cbd0c2f4d1.dll
c:\programdata\PCDr\6261\AddOnDownloaded\ca35a61e-780d-401f-891e-22b67162d061.dll
c:\programdata\PCDr\6261\AddOnDownloaded\ca39d363-7f7b-442f-9d1a-7cf8e06b7b08.dll
c:\programdata\PCDr\6261\AddOnDownloaded\caf72ad2-a222-415c-a303-8ca35e466713.dll
c:\programdata\PCDr\6261\AddOnDownloaded\d04640e7-f772-4909-8f8e-f8294ff0752f.dll
c:\programdata\PCDr\6261\AddOnDownloaded\d2597799-52b1-4a68-9280-897ad5c0c18e.dll
c:\programdata\PCDr\6261\AddOnDownloaded\f04a4d58-1eb6-4e35-b4b4-db6bab11e49b.dll
c:\programdata\PCDr\6261\AddOnDownloaded\fb803e34-29ed-4941-a7b3-4074ca51286c.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-04-22 to 2013-05-22 ))))))))))))))))))))))))))))))
.
.
2013-05-22 15:26 . 2013-05-22 15:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-22 15:14 . 2013-05-22 15:14 -------- d-----w- c:\users\Balbi\AppData\Local\Avg2013
2013-05-22 12:34 . 2013-05-22 12:34 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-05-22 11:13 . 2013-05-22 11:13 -------- d-----w- c:\programdata\PC-Doctor for Windows
2013-05-22 11:13 . 2013-05-22 11:13 -------- d-----w- c:\program files\My Dell
2013-05-22 11:10 . 2013-05-22 11:10 -------- d-----w- c:\users\Balbi\AppData\Local\Apps
2013-05-22 11:10 . 2013-05-22 11:11 -------- d-----w- c:\users\Balbi\AppData\Local\Deployment
2013-05-21 15:01 . 2013-04-05 04:43 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-21 15:01 . 2013-04-05 04:29 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-21 15:01 . 2013-04-05 06:51 278528 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-05-21 15:01 . 2013-04-05 06:50 526336 ----a-w- c:\windows\system32\ieui.dll
2013-05-21 15:01 . 2013-04-05 05:27 217600 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-05-21 15:01 . 2013-04-05 06:52 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-05-21 15:01 . 2013-04-05 06:50 356352 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-05-21 15:01 . 2013-04-05 06:50 701952 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2013-05-21 15:01 . 2013-04-05 05:26 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-05-16 15:06 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 15:06 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 15:06 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-16 15:06 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-16 15:06 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-16 15:06 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-16 15:06 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-16 15:06 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-16 15:06 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-16 15:05 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-16 15:05 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-16 15:05 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-04-29 08:29 . 2013-05-22 15:29 -------- d-----w- c:\users\Balbi\AppData\Local\Temp
2013-04-29 08:20 . 2013-05-22 15:29 -------- d-----w- c:\windows\system32\drivers\etc
2013-04-26 15:13 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-21 15:06 . 2011-05-15 11:58 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-02 15:29 . 2011-03-10 17:08 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-16 15:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 15:06 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 15:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 15:06 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 15:06 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 15:06 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-04 12:50 . 2012-11-05 20:16 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-03 17:06 . 2013-04-03 17:06 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-03 17:06 . 2013-04-03 17:06 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-03 17:06 . 2013-04-03 17:06 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-03 17:06 . 2013-04-03 17:06 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-03 17:06 . 2013-04-03 17:06 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-03 17:06 . 2013-04-03 17:06 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-03 17:06 . 2013-04-03 17:06 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-03 17:06 . 2013-04-03 17:06 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-03 17:06 . 2013-04-03 17:06 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-03 17:06 . 2013-04-03 17:06 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-03 17:06 . 2013-04-03 17:06 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-03 17:06 . 2013-04-03 17:06 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-03 17:06 . 2013-04-03 17:06 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-03 17:06 . 2013-04-03 17:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-03 17:06 . 2013-04-03 17:06 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-03 17:06 . 2013-04-03 17:06 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-03 17:06 . 2013-04-03 17:06 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-03 17:06 . 2013-04-03 17:06 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-03 17:06 . 2013-04-03 17:06 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-03 17:06 . 2013-04-03 17:06 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-03 17:06 . 2013-04-03 17:06 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-03 17:06 . 2013-04-03 17:06 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-03 17:06 . 2013-04-03 17:06 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-03 17:06 . 2013-04-03 17:06 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-03 17:06 . 2013-04-03 17:06 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-03 17:06 . 2013-04-03 17:06 441856 ----a-w- c:\windows\system32\html.iec
2013-04-03 17:06 . 2013-04-03 17:06 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-03 17:06 . 2013-04-03 17:06 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-03 17:06 . 2013-04-03 17:06 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-03 17:06 . 2013-04-03 17:06 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-03 17:06 . 2013-04-03 17:06 235008 ----a-w- c:\windows\system32\url.dll
2013-04-03 17:06 . 2013-04-03 17:06 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-03 17:06 . 2013-04-03 17:06 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-03 17:06 . 2013-04-03 17:06 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-03 17:06 . 2013-04-03 17:06 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-03 17:06 . 2013-04-03 17:06 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-03 17:06 . 2013-04-03 17:06 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-03 17:06 . 2013-04-03 17:06 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-03 17:06 . 2013-04-03 17:06 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-03 17:06 . 2013-04-03 17:06 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-03 17:06 . 2013-04-03 17:06 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-03 17:06 . 2013-04-03 17:06 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-03 17:06 . 2013-04-03 17:06 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-03 17:06 . 2013-04-03 17:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-03 17:06 . 2013-04-03 17:06 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-03 17:06 . 2013-04-03 17:06 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-03 17:06 . 2013-04-03 17:06 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-03 17:06 . 2013-04-03 17:06 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-03 17:06 . 2013-04-03 17:06 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-03 17:04 . 2013-04-03 17:04 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-04-03 17:04 . 2013-04-03 17:04 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-03 17:04 . 2013-04-03 17:04 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-03 17:04 . 2013-04-03 17:04 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-03 17:04 . 2013-04-03 17:04 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-04-03 17:04 . 2013-04-03 17:04 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-03 17:04 . 2013-04-03 17:04 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-03 17:04 . 2013-04-03 17:04 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-04-03 17:04 . 2013-04-03 17:04 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-04-03 17:04 . 2013-04-03 17:04 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-04-03 17:04 . 2013-04-03 17:04 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-04-03 17:04 . 2013-04-03 17:04 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-03 17:04 . 2013-04-03 17:04 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-04-03 17:04 . 2013-04-03 17:04 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-04-03 17:04 . 2013-04-03 17:04 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-04-03 17:04 . 2013-04-03 17:04 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-04-03 17:04 . 2013-04-03 17:04 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-04-03 17:04 . 2013-04-03 17:04 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-04-03 17:04 . 2013-04-03 17:04 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-04-03 17:04 . 2013-04-03 17:04 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-04-03 17:04 . 2013-04-03 17:04 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-04-03 17:04 . 2013-04-03 17:04 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-04-03 17:04 . 2013-04-03 17:04 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-04-03 17:04 . 2013-04-03 17:04 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-04-03 17:04 . 2013-04-03 17:04 1887232 ----a-w- c:\windows\system32\d3d11.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-05-03 1635752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-20 487562]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-03-02 140640]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-08 559616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys [2012-08-13 25704]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-05 19456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-05-07 245792]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-05 57856]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-23 202752]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 2467664]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2010-02-02 20984]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-03-31 53800]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-31 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
.
.
Inhoud van de 'Gedeelde Taken' map
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-14 10144288]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-02 5712896]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2726728]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-01-25 1802472]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.be/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to MP3 Converter - c:\users\Balbi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 195.130.130.4 195.130.131.4
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\adobe\SHOCKW~1\UNWISE.EXE
AddRemove-Optimizer Pro_is1 - c:\program files (x86)\Optimizer Pro\unins000.exe
AddRemove-{E4FB1CF1-F7F6-169B-A95A-5562D86C6DF4} - c:\progra~3\INSTAL~1\{347F3~1\Setup.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3192747087-2617879335-1455458431-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"=""
"FMPath"=""
"ScreenshotsDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="c:\\FM Genie Scout 11\\lang_db.dat"
"LastSaveGame"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2011\\games\\dortmund.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="PSV Eindhoven"
"LastUpdateCheck"=dword:00009f68
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000081
"UniqueID"="96-A160-E9FF"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000027
"StaffSearchFeatureNum"=dword:00000005
"ClubSearchFeatureNum"=dword:00000003
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000028
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000001
"ScreenshotFeatureNum"=dword:00000000
"Currency"=dword:00000056
"VersionOf"=dword:0000007b
.
[HKEY_USERS\S-1-5-21-3192747087-2617879335-1455458431-1000\Software\G*e*n*i*e*"!\FM Genie Scout 11g]
"PicturesNumber"=dword:00000000
.
[HKEY_USERS\S-1-5-21-3192747087-2617879335-1455458431-1000\Software\G*e*n*i*e*"!\FM Genie Scout 12]
"GameDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2012\\games"
"ShortlistDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2012\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2012"
"SaveDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2012\\"
"HistoryDir"="c:\\FM Genie Scout 12\\History Points"
"LangDB"="c:\\FM Genie Scout 12\\lang_db.dat"
"LastSaveGame"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2012\\games\\sheffield.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a10f
"VersionOf"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000000cf
"UniqueID"="96-A160-E9FF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:0000002d
"StaffSearchFeatureNum"=dword:00000008
"ClubSearchFeatureNum"=dword:00000001
"FilterByClubFeatureNum"=dword:0000000b
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000030
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000003
"AdImpressionsNum"=dword:00000049
"GameLoadedCounter"=dword:00000041
"VersionOf201"=dword:0000007b
.
[HKEY_USERS\S-1-5-21-3192747087-2617879335-1455458431-1000\Software\G*e*n*i*e*"!\FM Genie Scout 13g]
"GameDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2013\\games"
"ShortlistDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2013\\shortlists"
"GraphicPackDir"=""
"FMPath"="c:\\Program Files (x86)\\Steam\\steamapps\\common\\Football Manager 2013"
"ScreenshotsDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2013"
"SaveDir"="c:\\Users\\Balbi\\Documents\\Sports Interactive\\Football Manager 2013\\"
"HistoryDir"="c:\\FM Genie Scout 13g\\History Points"
"LangDB"="c:\\FM Genie Scout 13g\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a171
"VersionOf202"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification"=dword:00000000
"Version"=dword:00000154
"UniqueID"="96-A160-E9FF"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000021
"StaffSearchFeatureNum"=dword:00000007
"ClubSearchFeatureNum"=dword:00000002
"FilterByClubFeatureNum"=dword:00000010
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000001
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"Offsets"=""
"Currency"=dword:00000056
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2013-05-22 17:35:13 - machine werd herstart
ComboFix-quarantined-files.txt 2013-05-22 15:35
.
Pre-Run: 397.633.794.048 bytes beschikbaar
Post-Run: 397.531.865.088 bytes beschikbaar
.
- - End Of File - - 358F5FE8B8429FD72737EA726172FD46