ComboFix 13-10-09.01 - Feyenoord 10-10-2013  17:02:02.1.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.31.1043.18.3325.1122 [GMT 2:00]
Gestart vanuit: c:\users\Feyenoord\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\eCover
c:\program files\eCover\Changelog.txt
c:\program files\eCover\Click.wav
c:\program files\eCover\eCover.exe
c:\program files\eCover\eCover.url
c:\program files\eCover\en\eCover.resources.dll
c:\program files\eCover\it\eCover.resources.dll
c:\program files\eCover\unins000.dat
c:\program files\eCover\unins000.exe
c:\program files\TelevisionFanaticEI
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2013-09-10 to 2013-10-10  ))))))))))))))))))))))))))))))
.
.
2013-10-10 15:18 . 2013-10-10 15:18	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-10-10 15:18 . 2013-10-10 15:18	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-10-10 15:18 . 2013-10-10 15:18	--------	d-----w-	c:\users\Manolo\AppData\Local\temp
2013-10-10 15:18 . 2013-10-10 15:18	--------	d-----w-	c:\users\LogMeInRemoteUser\AppData\Local\temp
2013-10-10 15:18 . 2013-10-10 15:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-10-07 07:22 . 2013-10-07 06:48	24064	----a-w-	c:\windows\zoek-delete.exe
2013-10-07 07:22 . 2013-10-10 15:19	--------	d-----w-	c:\users\Feyenoord\AppData\Local\Temp
2013-10-06 18:48 . 2013-10-06 18:48	--------	d-----w-	c:\program files\Trusteer
2013-09-11 17:51 . 2013-07-16 04:35	615936	----a-w-	c:\windows\system32\themeui.dll
2013-09-11 17:51 . 2013-08-08 01:45	2049536	----a-w-	c:\windows\system32\win32k.sys
2013-09-10 21:18 . 2013-09-10 21:18	97008	----a-w-	c:\windows\system32\drivers\RapportKELL.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 07:38 . 2012-03-30 07:32	692616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-10-10 07:38 . 2011-06-26 10:50	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 07:28 . 2009-02-05 19:18	0	--sh--w-	c:\windows\S20B5AF93.tmp
2013-08-12 08:08 . 2013-08-12 08:08	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-08-12 08:08 . 2012-07-12 11:13	867240	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-08-12 08:08 . 2011-06-19 21:49	789416	----a-w-	c:\windows\system32\deployJava1.dll
2013-08-02 04:09 . 2013-08-28 08:11	1548288	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-17 19:41 . 2013-08-14 17:04	2048	----a-w-	c:\windows\system32\tzres.dll
2012-08-13 09:46 . 2012-08-13 09:46	473600	----a-w-	c:\program files\setup.exe
2012-08-13 09:46 . 2012-08-13 09:46	3162112	----a-w-	c:\program files\openofficeorg341.msi
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	121968	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-05-08 18680424]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-22 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-09 6281760]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-22 13589024]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"FG_Monitor"="c:\program files\Folder Guard\FGKey.exe" [2009-01-30 132424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FDCENT.SYS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HideFilesAndFolders_S]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Service Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Service Manager.lnk
backup=c:\windows\pss\Service Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44	500208	------w-	c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58	611712	----a-w-	c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57	406992	----a-w-	c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25	59240	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath323Domino]
2006-06-27 18:54	49152	----a-w-	c:\windows\Domino.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath323VMSnap]
2006-09-19 06:26	212992	----a-w-	c:\windows\VMSnap23.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-01-26 14:58	65536	------w-	c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
2011-12-21 15:26	229376	----a-w-	c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FG_Monitor]
2009-01-30 23:00	132424	----a-w-	c:\program files\Folder Guard\FGKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-10-08 23:19	178712	----a-w-	c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-01-29 20:10	46632	----a-w-	c:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-09-11 03:40	218032	----a-w-	c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-01-16 16:22	421736	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2013-04-04 12:50	887432	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2013-04-04 12:50	887432	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2006-11-03 09:01	319488	----a-w-	c:\windows\PixArt\Pac207\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mylbx]
2011-03-26 17:49	1900864	----a-w-	c:\program files\My Lockbox\mylbx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-01-29 20:12	30248	----a-w-	c:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Philips Device Listener]
2010-05-28 11:54	375296	----a-w-	c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
2007-02-01 12:46	255528	----a-w-	c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03	210472	----a-w-	c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37	517096	----a-w-	c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-02-24 09:57	180269	----a-w-	c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2013-03-22 04:07	248208	----a-w-	c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
2008-10-14 01:52	180224	----a-w-	c:\program files\HomeCinema\TV Enhance\TVEService.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe"  -osboot
"Bonus.SSR.FR10"="c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [x]
R4 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-18 814344]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
.
2013-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 07:38]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 22:30]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 22:30]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{51A33A03-DC72-49B6-AD87-E36794BCE57B}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Feyenoord\AppData\Roaming\Mozilla\Firefox\Profiles\r7o7q07p.default\
FF - ExtSQL: !HIDDEN! 2009-06-26 16:39; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS VERWIJDERD - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-10 17:19
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
scannen van verborgen processen ... 
.
scannen van verborgen autostart items ... 
.
scannen van verborgen bestanden ... 
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-391695699-2751641936-1081476981-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{24759709-3F5A-41F1-7561-BAE8E9E1B719}*]
"bbbbondobklkppifegmkcoblonndbogmmlfp"=hex:61,62,67,6b,62,65,70,65,6a,69,69,6a,
   6f,68,69,65,64,6e,70,6d,6c,61,65,64,62,6f,66,63,63,65,6b,6c,62,61,00,67
"abbbondobklkppifeglkdoggdjobfjbcoo"=hex:65,62,62,62,70,61,64,64,64,6d,63,6f,
   62,67,6f,70,63,6f,63,68,6a,65,6f,6a,6c,63,6f,61,70,61,6a,6c,6e,65,6e,67,64,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000413
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000001
"ProductCode"="{AEDE69FF-2EFF-4EE8-9D6D-1A51F67A1563}"
"ProductName"="ESET Smart Security"
"ProductType"="ess"
"ProductVersion"="4.0.474.0"
"UniqueId"="000451794B7E5FCE"
"ScannerBuild"=dword:000018d5
"ScannerVersionId"=dword:00001293
"ScannerVersion"="Open window for status."
"FixId"=dword:00000009
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="40F648E2632B86F60D77C89E1B69465EAFAFCE5B67280D1FC981D8A9F25DACB70700E2F7E0DCE5A8139478C32D4528395C2DA868557DA2C4A67F336D57BAA293F6DE96F37F1D45523CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC7933C038D530D6EB3452A2D97226D213B555FE102628A46AED1D7A0502F1FDCDB719531A6C92DFC4CA7CB12DCAE11F33616FAD581B0386238D9A247A59AAF4F82BDE199277C006EFD9DBA665DFC94C6D124304F814231E1F3A7A1259C993EC6D5E9406B2272032BCE99116B9884268F976773BE7555C967FAAB107FBE70BE9432BCA875904BC61D6146CB22D5B25863A0BB8F0EA27F33C7B5E68A98D4EE39023B0C66A37179532FEB86F1696743F61A390E5A61E572401DB157C04101A67AD4F4F03645470A068087A50BA9F7351D43F8B14C1F1B69BFA01537C8558ED4E2F1A2FAB8B08A144EDDBC07904C8FC91E0A942098B2A987AE5DAE32FFE8EED48A769B824DB01425D4CF5368A3463B6272C1542C032DCD6581D71530B27AEC4F74F3A1B00B3C16DBAB5674B55F3964EAFFE475CEB45F8CDBF24DE723D1A0BA0F5801B498AD79FBFA17BD3B1DF50DCF1BCC597A3ECBB3BDDACA0CFD628D3C832CBB92F77BF6F44DDC9977361653906565312F46FDBEEB8EA13DA09D8DCB8DE2EF91EAE215205AC6D5FA51316D40334326C98E0DD031C59DE5743DE96268D1A51F1746304A709AB1982E4924DCFE5DDC175B1EE4D6363D726D5E9BC70817E1DD51BA72D22584FE6904638E5CBADFECE454EDAC9E2AF4C46315A06208C1C985B8050C600C1320D580534A91597774E25FECCB42E87503F06F427701B535DCD9D94E184626DB7DE4D2D47643E7CED39D3383904EDE5DF88CF69F227D5F1DC7681DB913970721DC4E6C4EE381009820621BAD133ECEE2E5BAF8B68CC0859E7CB77A5175D58E3CC221C8A1019CF115A622857464D2756BF4C855D24A602407DEB44C29C11DE18E4BC37BF839FD42B525FD861BC03271549D404E0B99EA41D53D97F08C19759A735C2D32C14858A33786FF2314EAB0FE63A52B3202EC2E7AFD07B98D09AD634F24440E51A812CF3488D6D90A1073D154BAE0671287B4653F7141C4D78AB5B6E994CAB32588197A24C0A941B92E75781867C17E9890F7C883A6CE834E272D21C04B95B523ABA70C1689804D0E6E7393121A90CA458CCE137815FF535745C0FE2DAAD0A349449800B859542C488EDC69668725377AD0912A61AA3B78E974D89800D7F569943BDB94FD41537DE60578B366AC6BF8DA60E50B194A7094FB99CDB424DB64619A51CAEF2C8DD2E5860F5B22AFC4984E7611B02C4C60C2ADCCB93C48A10133F1B1CDB186F18E9D840F98D0E1FB7D13CD90661B16449"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(972)
c:\windows\System32\guard32.dll
.
- - - - - - - > 'lsass.exe'(856)
c:\windows\System32\guard32.dll
.
Voltooingstijd: 2013-10-10  17:24:00
ComboFix-quarantined-files.txt  2013-10-10 15:23
.
Pre-Run: 275.711.664.128 bytes beschikbaar
Post-Run: 275.958.259.712 bytes beschikbaar
.
- - End Of File - - CEFB7B832B66C0E3E2BFC761CEEB9541
5C616939100B85E558DA92B899A0FC36