ComboFix 13-09-02.02 - Alleman 03/09/2013  22:09:03.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.32.1043.18.2030.1078 [GMT 2:00]
Gestart vanuit: c:\users\Alleman\Downloads\ComboFix.exe
AV: Panda Global Protection 2013 *Disabled/Outdated* {86971480-9989-6750-B122-681A86518D59}
FW: Panda Personal Firewall 2013 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
SP: Panda Global Protection 2013 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Alleman\Documents\~WRL0001.tmp
c:\users\Alleman\Documents\~WRL0196.tmp
c:\users\Alleman\Documents\~WRL2685.tmp
c:\users\Alleman\Documents\~WRL3585.tmp
c:\windows\IsUn0413.exe
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2013-08-03 to 2013-09-03  ))))))))))))))))))))))))))))))
.
.
2013-09-03 17:27 . 2013-08-06 07:28	7166848	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2552136-8434-4B3C-AB3C-9C3580CAFD2F}\mpengine.dll
2013-08-30 19:50 . 2013-09-03 20:26	--------	d-----w-	c:\users\Alleman\AppData\Local\Temp
2013-08-29 21:24 . 2013-08-29 21:26	--------	d-----w-	c:\program files\trend micro
2013-08-29 21:24 . 2013-08-29 21:26	--------	d-----w-	C:\rsit
2013-08-19 22:33 . 2013-08-19 22:33	--------	d-----w-	c:\program files\iPod
2013-08-19 22:33 . 2013-08-19 22:33	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-19 22:33 . 2013-08-19 22:33	--------	d-----w-	c:\program files\iTunes
2013-08-13 18:57 . 2013-07-09 04:50	652800	----a-w-	c:\windows\system32\rpcrt4.dll
2013-08-13 18:57 . 2013-07-09 04:52	175104	----a-w-	c:\windows\system32\wintrust.dll
2013-08-13 18:57 . 2013-07-09 04:46	140288	----a-w-	c:\windows\system32\cryptsvc.dll
2013-08-13 18:57 . 2013-07-09 04:46	1166848	----a-w-	c:\windows\system32\crypt32.dll
2013-08-13 18:57 . 2013-07-09 04:46	103936	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-13 18:57 . 2013-07-09 05:03	3968960	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-08-13 18:57 . 2013-07-09 05:03	3913664	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-13 18:57 . 2013-07-09 04:53	1289096	----a-w-	c:\windows\system32\ntdll.dll
2013-08-13 18:57 . 2013-07-06 05:05	1293760	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-08-13 18:57 . 2013-07-25 08:57	1620992	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-08-13 18:56 . 2013-07-19 01:41	2048	----a-w-	c:\windows\system32\tzres.dll
2013-08-13 18:56 . 2013-06-15 03:38	31232	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-20 18:10 . 2012-07-07 12:48	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 18:10 . 2012-07-07 12:48	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-07-12 17:33 . 2013-07-12 17:33	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-07-12 17:33 . 2012-07-30 20:36	867240	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-12 17:33 . 2012-07-30 20:36	789416	----a-w-	c:\windows\system32\deployJava1.dll
2013-07-09 16:45 . 2013-07-09 16:45	13880	----a-w-	c:\windows\system32\drivers\COMFiltr.sys
2013-07-03 22:36 . 2013-07-03 22:37	15352	----a-w-	c:\windows\system32\drivers\osaio.sys
2013-07-02 22:44 . 2012-02-09 20:43	13411896	----a-w-	c:\windows\system32\nvwgf2um.dll
2013-07-02 22:44 . 2013-07-02 22:44	6324360	----a-w-	c:\windows\system32\nvopencl.dll
2013-07-02 22:44 . 2013-07-02 22:44	21102368	----a-w-	c:\windows\system32\nvoglv32.dll
2013-07-02 22:44 . 2013-07-02 22:44	9069344	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2013-07-02 22:44 . 2013-07-02 22:44	893728	----a-w-	c:\windows\system32\nvdispgenco3232049.dll
2013-07-02 22:44 . 2013-07-02 22:44	467232	----a-w-	c:\windows\system32\NvIFR.dll
2013-07-02 22:44 . 2013-07-02 22:44	465184	----a-w-	c:\windows\system32\NvFBC.dll
2013-07-02 22:44 . 2013-07-02 22:44	1024288	----a-w-	c:\windows\system32\nvdispco3232049.dll
2013-07-02 22:44 . 2013-07-02 22:44	12427240	----a-w-	c:\windows\system32\nvd3dum.dll
2013-07-02 22:44 . 2013-07-02 22:44	7687592	----a-w-	c:\windows\system32\nvcuda.dll
2013-07-02 22:44 . 2013-07-02 22:44	2777888	----a-w-	c:\windows\system32\nvcuvid.dll
2013-07-02 22:44 . 2013-07-02 22:44	2002720	----a-w-	c:\windows\system32\nvcuvenc.dll
2013-07-02 22:44 . 2013-07-02 22:44	17560352	----a-w-	c:\windows\system32\nvcompiler.dll
2013-07-02 22:44 . 2013-07-02 22:44	2597856	----a-w-	c:\windows\system32\nvapi.dll
2013-07-02 22:29 . 2013-07-02 22:29	609384	----a-w-	c:\windows\system32\LCCoin425.dll
2013-06-21 09:52 . 2012-07-21 16:21	4192544	----a-w-	c:\windows\system32\nvcpl.dll
2013-06-21 09:52 . 2012-07-21 16:21	3045664	----a-w-	c:\windows\system32\nvsvc.dll
2013-06-21 09:52 . 2012-07-21 16:21	62752	----a-w-	c:\windows\system32\nvshext.dll
2013-06-21 09:52 . 2012-07-21 16:21	640288	----a-w-	c:\windows\system32\nvvsvc.exe
2013-06-21 09:52 . 2012-07-21 16:21	223008	----a-w-	c:\windows\system32\nvmctray.dll
2012-07-13 19:10 . 2012-07-13 19:10	158720	----a-w-	c:\program files\internet explorer\plugins\LV2011ActiveXControl.dll
2012-10-04 16:13 . 2012-10-04 16:13	158720	----a-w-	c:\program files\internet explorer\plugins\LV2012ActiveXControl.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
"Spotify Web Helper"="c:\users\Alleman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-12 1104384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 332288]
"atchk"="c:\program files\Intel\AMT\atchk.exe" [2007-05-29 404248]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2013\APVXDWIN.EXE" [2012-12-12 1038192]
"SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2013\Inicio.exe" [2012-11-08 70432]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-05-12 300472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
c:\users\Alleman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Printkey2000.lnk - c:\program files\PrintKey2000\Printkey2000.exe [2012-7-7 869376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2010-03-24 09:55	55552	----a-w-	c:\windows\System32\avldr.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sasnative32
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NI Error Reporting.lnk]
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk
backup=c:\windows\pss\NI Error Reporting.lnk.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Alleman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
path=c:\users\Alleman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2013-04-25 01:50	1075296	----a-w-	c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2012-07-21 16:23	167936	----a-w-	c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43	59720	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2011-08-04 12:41	1637496	----a-w-	c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]
2010-05-12 16:03	300472	----a-w-	c:\program files\Citrix\ICA Client\concentr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
2011-09-27 09:44	439440	----a-w-	c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2013-05-23 13:17	1106288	----a-w-	c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-05-23 13:16	1561968	----a-w-	c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-05-23 13:16	311152	----a-w-	c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI Update Service]
2012-08-02 13:17	851592	----a-w-	c:\program files\National Instruments\Shared\Update Service\NIUpdateService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2013-07-12 17:41	4640768	----a-w-	c:\users\Alleman\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2013-07-12 17:41	1104384	----a-w-	c:\users\Alleman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2013-08-22 21:48	5703920	----a-w-	c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
R0 amdkmafd;AMD Audio Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmafd.sys [2013-06-02 15968]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2013-06-02 38528]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2013-02-22 32064]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192cu.sys [2011-06-01 728064]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe [2012-07-21 136784]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2013-02-22 136904]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2013-02-22 17864]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2013-02-22 153672]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2013-02-22 130248]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TIACXLN;Skyr@cer 22M WLAN Adapter;c:\windows\system32\DRIVERS\tiacxln.sys [2003-03-06 155392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-08 1343400]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-11-12 23720]
S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [2009-09-15 155688]
S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot.sys [2010-06-22 26696]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 65584]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2011-02-21 37448]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2012-03-26 59656]
S2 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT.SYS [2011-01-31 83528]
S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys [2013-07-09 13880]
S2 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT.SYS [2009-09-25 53256]
S2 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetmon.SYS [2009-09-25 22024]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-03-20 233472]
S2 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT.SYS [2010-09-09 193864]
S2 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETFLTDI.SYS [2009-09-25 11:54 159112]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-05-22 53960]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2012-05-31 258776]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [2012-05-08 164488]
S2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2013\PskSvc.exe [2010-08-16 28992]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2010-12-23 5120]
S2 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT.SYS [2009-09-25 46856]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2013-03-20 37344]
S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\DRIVERS\neti1644.sys [2010-09-01 201032]
S3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
S3 pmserenum;PenMount Serial Device Enumeration Service;c:\windows\system32\DRIVERS\pmserenum.sys [2012-11-12 26624]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys [2013-06-02 1807072]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2012-10-13 7424]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 18:57	1177552	----a-w-	c:\program files\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 18:10]
.
2013-08-22 c:\windows\Tasks\Basis-opruiming.job
- c:\program files\Panda Security\Panda Global Protection 2013\PlaTasks.exe [2013-07-09 08:36]
.
2013-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 12:18]
.
2013-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-07-08 12:18]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.hln.be/
uInternet Settings,ProxyOverride = <local>
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 195.130.130.4 195.130.131.4
FF - ProfilePath - c:\users\Alleman\AppData\Roaming\Mozilla\Firefox\Profiles\xhgh768f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.hln.be/
FF - ExtSQL: 2013-07-06 19:22; belgiumeid@eid.belgium.be; c:\program files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
.
- - - - ORPHANS VERWIJDERD - - - -
.
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
MSConfigStartUp-LifeCam - c:\program files\Microsoft LifeCam\LifeExp.exe
MSConfigStartUp-SweetIM - c:\program files\SweetIM\Messenger\SweetIM.exe
MSConfigStartUp-Sweetpacks Communicator - c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
   76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
   b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
   2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{F37C7F06-0B23-4AD1-9160-1CC285A5E9EC}"=hex:51,66,7a,6c,4c,1d,38,12,68,7c,6f,
   f7,11,45,bf,0f,ee,76,5f,82,80,fb,ad,f8
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:91,3d,fe,d4,bf,5e,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d4,15,8b,c6,12,c7,72,4d,97,8a,63,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d4,15,8b,c6,12,c7,72,4d,97,8a,63,\
.
[HKEY_USERS\S-1-5-21-1928870758-2907081458-2726709488-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:de,42,ac,75,40,a5,f7,32,75,55,61,89,e5,0b,dc,69,82,c5,e5,7b,7d,36,23,
   5b,f9,97,4b,01,39,c4,bf,df,44,3f,2d,56,9b,86,56,65,d1,ce,13,2b,e0,28,8f,d2,\
"??"=hex:4c,08,e8,3c,d5,fc,a1,9a,66,8f,5a,54,c9,ed,e7,fe
.
[HKEY_USERS\S-1-5-21-1928870758-2907081458-2726709488-1000\Software\SecuROM\License information*]
"datasecu"=hex:97,67,b9,8d,a8,b9,26,25,5a,73,2c,fb,cd,eb,8f,86,43,3f,0a,3c,01,
   20,b0,23,0f,73,77,25,5e,29,50,6d,ca,f0,c0,9b,52,35,4b,ca,c8,0f,3c,88,e1,05,\
"rkeysecu"=hex:0d,a8,f3,a7,fe,13,3a,85,92,0e,63,fa,9c,ef,fd,b1
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Panda Security\Panda Global Protection 2013\TPSrv.exe
c:\program files\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe
c:\windows\system32\brsvc01a.exe
c:\windows\system32\brss01a.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Panda USB Vaccine\USBVaccine.exe
c:\program files\Intel\AMT\atchksrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\lkads.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\National Instruments\MAX\nimxs.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\program files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
c:\program files\Panda Security\Panda Global Protection 2013\PsCtrls.exe
c:\program files\Panda Security\Panda Global Protection 2013\PavFnSvr.exe
c:\program files\Common Files\Panda Security\PavShld\pavprsrv.exe
c:\program files\Panda Security\Panda Global Protection 2013\pavsrvx86.exe
c:\program files\Panda Security\Panda Global Protection 2013\AVENGINE.EXE
c:\program files\panda security\panda global protection 2013\firewall\PSHOST.EXE
c:\program files\Panda Security\Panda Global Protection 2013\PsImSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\lkcitdl.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Tagger\tagsrv.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Voltooingstijd: 2013-09-03  22:32:04 - machine werd herstart
ComboFix-quarantined-files.txt  2013-09-03 20:32
.
Pre-Run: 82.586.230.784 bytes beschikbaar
Post-Run: 82.505.883.648 bytes beschikbaar
.
- - End Of File - - 789B6641702C07E023F1AEB40C8B59F3
A36C5E4F47E84449FF07ED3517B43A31