ComboFix 13-09-19.01 - Dell 21-09-2013 19:34:26.1.2 - x64 NETWORK Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.1014.239 [GMT 2:00] Gestart vanuit: c:\users\Dell\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2013-08-21 to 2013-09-21 )))))))))))))))))))))))))))))) . . 2013-09-21 17:38 . 2013-09-21 17:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-09-20 17:25 . 2013-09-20 17:18 24064 ----a-w- c:\windows\zoek-delete.exe 2013-09-20 17:25 . 2013-09-21 17:38 -------- d-----w- c:\users\Dell\AppData\Local\Temp 2013-09-19 14:42 . 2013-09-19 14:46 -------- d-----w- c:\program files\trend micro 2013-09-19 14:42 . 2013-09-19 14:43 -------- d-----w- C:\rsit 2013-09-17 18:07 . 2013-09-17 18:07 -------- d-----w- c:\program files (x86)\Common Files\Zeepe Framework 7 2013-09-17 18:07 . 2013-09-17 18:12 -------- d-----w- c:\programdata\Novatel Wireless 2013-09-17 18:07 . 2013-09-17 18:07 -------- d-----w- c:\program files (x86)\Dell 2013-09-17 17:20 . 2013-08-10 05:20 15404544 ----a-w- c:\windows\system32\ieframe.dll 2013-09-17 17:20 . 2013-08-10 05:21 19246592 ----a-w- c:\windows\system32\mshtml.dll 2013-09-16 23:10 . 2013-09-16 23:10 -------- d-----w- C:\dell 2013-09-16 22:09 . 2013-09-16 22:10 -------- d-----w- C:\AdwCleaner 2013-09-16 21:02 . 2013-08-30 07:48 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-09-16 21:02 . 2013-08-30 07:48 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-09-16 21:02 . 2013-08-30 07:48 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-09-16 21:02 . 2013-08-30 07:48 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-09-16 21:02 . 2013-08-30 07:48 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-09-16 21:02 . 2013-08-30 07:48 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-09-16 21:02 . 2013-08-30 07:48 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-09-16 21:02 . 2013-08-30 07:48 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-09-16 21:02 . 2013-08-30 07:47 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-09-16 21:02 . 2013-08-30 07:47 41664 ----a-w- c:\windows\avastSS.scr 2013-09-16 21:02 . 2013-09-16 21:02 -------- d-----w- c:\program files\AVAST Software 2013-09-16 21:01 . 2013-09-16 21:02 -------- d-----w- c:\programdata\AVAST Software 2013-09-16 16:16 . 2013-09-16 20:39 -------- d-----w- c:\users\Dell\AppData\Local\ElevatedDiagnostics 2013-09-16 15:51 . 2013-09-16 15:54 -------- d-----w- c:\windows\system32\MRT 2013-09-09 20:05 . 2013-09-16 22:25 -------- d-----w- c:\users\Dell\AppData\Roaming\uTorrent 2013-09-09 18:36 . 2013-09-16 21:13 -------- d-----w- c:\users\Dell\AppData\Local\Diagnostics 2013-09-09 14:31 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{86CF8888-7B8A-4A25-AEEC-2966B43AF423}\mpengine.dll 2013-09-02 21:49 . 2013-09-02 21:49 -------- d-----w- C:\AeriaGames 2013-09-02 16:23 . 2013-09-02 16:23 -------- d-----w- c:\windows\system32\appmgmt 2013-08-25 14:11 . 2013-08-29 16:16 -------- d-----w- c:\users\Dell\AppData\Roaming\Skype 2013-08-25 14:10 . 2013-09-02 16:23 -------- d-----w- c:\programdata\Skype . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-17 17:07 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll 2013-09-17 17:07 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll 2013-09-17 17:07 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll 2013-09-17 17:07 . 2010-11-21 03:24 833024 ----a-w- c:\windows\SysWow64\user32.dll 2013-09-17 17:07 . 2010-11-21 03:24 1008640 ----a-w- c:\windows\system32\user32.dll 2013-09-10 18:37 . 2013-08-01 15:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-10 18:37 . 2013-08-01 15:35 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-08-01 18:25 . 2013-08-01 18:25 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-08-01 18:25 . 2013-08-01 18:25 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-08-01 18:25 . 2013-08-01 18:25 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-08-01 18:25 . 2013-08-01 18:25 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-08-01 18:25 . 2013-08-01 18:25 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-08-01 18:25 . 2013-08-01 18:25 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-08-01 18:25 . 2013-08-01 18:25 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-08-01 18:25 . 2013-08-01 18:25 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-08-01 18:25 . 2013-08-01 18:25 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-08-01 18:25 . 2013-08-01 18:25 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-08-01 18:25 . 2013-08-01 18:25 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-08-01 18:25 . 2013-08-01 18:25 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-08-01 18:25 . 2013-08-01 18:25 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-08-01 18:25 . 2013-08-01 18:25 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-08-01 18:25 . 2013-08-01 18:25 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-08-01 18:25 . 2013-08-01 18:25 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-08-01 18:25 . 2013-08-01 18:25 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-08-01 18:25 . 2013-08-01 18:25 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-08-01 18:25 . 2013-08-01 18:25 81408 ----a-w- c:\windows\system32\icardie.dll 2013-08-01 18:25 . 2013-08-01 18:25 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-08-01 18:25 . 2013-08-01 18:25 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-08-01 18:25 . 2013-08-01 18:25 441856 ----a-w- c:\windows\system32\html.iec 2013-08-01 18:25 . 2013-08-01 18:25 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-08-01 18:25 . 2013-08-01 18:25 235008 ----a-w- c:\windows\system32\url.dll 2013-08-01 18:25 . 2013-08-01 18:25 216064 ----a-w- c:\windows\system32\msls31.dll 2013-08-01 18:25 . 2013-08-01 18:25 197120 ----a-w- c:\windows\system32\msrating.dll 2013-08-01 18:25 . 2013-08-01 18:25 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-08-01 18:25 . 2013-08-01 18:25 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-08-01 18:25 . 2013-08-01 18:25 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-08-01 18:25 . 2013-08-01 18:25 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-08-01 18:25 . 2013-08-01 18:25 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-08-01 18:25 . 2013-08-01 18:25 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-08-01 18:25 . 2013-08-01 18:25 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-08-01 18:25 . 2013-08-01 18:25 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-08-01 18:25 . 2013-08-01 18:25 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-08-01 18:25 . 2013-08-01 18:25 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-08-01 18:25 . 2013-08-01 18:25 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-08-01 18:25 . 2013-08-01 18:25 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-08-01 18:25 . 2013-08-01 18:25 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-08-01 18:25 . 2013-08-01 18:25 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-08-01 18:25 . 2013-08-01 18:25 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-08-01 18:25 . 2013-08-01 18:25 149504 ----a-w- c:\windows\system32\occache.dll 2013-08-01 18:25 . 2013-08-01 18:25 144896 ----a-w- c:\windows\system32\wextract.exe 2013-08-01 18:25 . 2013-08-01 18:25 13824 ----a-w- c:\windows\system32\mshta.exe 2013-08-01 18:25 . 2013-08-01 18:25 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-08-01 18:25 . 2013-08-01 18:25 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-08-01 18:25 . 2013-08-01 18:25 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-08-01 18:25 . 2013-08-01 18:25 102912 ----a-w- c:\windows\system32\inseng.dll 2013-08-01 18:25 . 2013-08-01 18:25 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-08-01 18:17 . 2013-08-01 18:17 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-08-01 18:17 . 2013-08-01 18:17 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-08-01 18:17 . 2013-08-01 18:17 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-08-01 18:17 . 2013-08-01 18:17 1682432 ----a-w- c:\windows\system32\XpsPrint.dll 2013-08-01 18:17 . 2013-08-01 18:17 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-08-01 18:17 . 2013-08-01 18:17 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-08-01 18:17 . 2013-08-01 18:17 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-08-01 18:17 . 2013-08-01 18:17 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-08-01 18:17 . 2013-08-01 18:17 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-08-01 18:17 . 2013-08-01 18:17 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-08-01 18:17 . 2013-08-01 18:17 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-08-01 18:17 . 2013-08-01 18:17 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-08-01 18:17 . 2013-08-01 18:17 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-08-01 18:17 . 2013-08-01 18:17 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2013-08-01 18:17 . 2013-08-01 18:17 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-08-01 18:17 . 2013-08-01 18:17 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-08-01 18:17 . 2013-08-01 18:17 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2013-08-01 18:17 . 2013-08-01 18:17 1175552 ----a-w- c:\windows\system32\FntCache.dll 2013-08-01 18:17 . 2013-08-01 18:17 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll 2013-08-01 18:17 . 2013-08-01 18:17 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-08-01 18:17 . 2013-08-01 18:17 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-08-01 18:17 . 2013-08-01 18:17 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-08-01 18:17 . 2013-08-01 18:17 194560 ----a-w- c:\windows\system32\d3d10_1.dll 2013-08-01 18:17 . 2013-08-01 18:17 1238528 ----a-w- c:\windows\system32\d3d10.dll 2013-08-01 18:17 . 2013-08-01 18:17 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-08-01 18:17 . 2013-08-01 18:17 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-08-01 18:17 . 2013-08-01 18:17 293376 ----a-w- c:\windows\SysWow64\dxgi.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll [-] 2013-09-17 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll . [-] 2013-09-17 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll [7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R0 aswRvrt;aswRvrt; [x] R0 aswVmm;aswVmm; [x] R1 aswSnx;aswSnx; [x] R1 aswSP;aswSP; [x] R2 aswFsBlk;aswFsBlk; [x] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x] R3 NWDellModem;Dell Wireless Mobile Broadband Modem Driver;c:\windows\system32\DRIVERS\nwdelmdm.sys;c:\windows\SYSNATIVE\DRIVERS\nwdelmdm.sys [x] R3 NWDellPort;Dell Wireless Mobile Broadband Status Port Driver;c:\windows\system32\DRIVERS\nwdelser.sys;c:\windows\SYSNATIVE\DRIVERS\nwdelser.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] S3 netw5v64;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter voor 64-bits Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-17 22:45 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-01 18:37] . 2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 22:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = TCP: DhcpNameServer = 192.168.1.254 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) AddRemove-{CD51A0D4-5939-BEC4-A0B2-E55500F596FB} - c:\progra~3\INSTAL~1\{3CB23~1\Setup.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-09-21 19:39:59 ComboFix-quarantined-files.txt 2013-09-21 17:39 . Pre-Run: 41.948.016.640 bytes beschikbaar Post-Run: 41.820.065.792 bytes beschikbaar . - - End Of File - - EB3C74676EB3BE92EBAA2E305D308248 A36C5E4F47E84449FF07ED3517B43A31