ComboFix 10-05-17.03 - patty 19-05-2010  11:04:07.4.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.1.1252.31.1043.18.1790.999 [GMT 2:00]
Gestart vanuit: c:\users\patty\Downloads\ComboFix2.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\patty\AppData\Local\temp\ppcrlui_4908_2
c:\users\patty\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif

.
((((((((((((((((((((   Bestanden Gemaakt van 2010-04-19 to 2010-05-19  ))))))))))))))))))))))))))))))
.

2010-05-19 09:17 . 2010-05-19 09:17	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-05-19 09:17 . 2010-05-19 09:17	--------	d-----w-	c:\users\patty\AppData\Local\temp
2010-05-19 09:17 . 2010-05-19 09:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-05-19 09:17 . 2010-05-19 09:17	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2010-05-18 19:06 . 2010-05-18 19:06	--------	d-----w-	c:\program files\SystemRequirementsLab
2010-05-18 18:53 . 2010-05-18 18:53	165232	---ha-w-	c:\users\patty\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2010-05-18 18:49 . 2010-05-18 18:50	--------	d-----w-	c:\program files\Microsoft Virtual PC
2010-05-17 19:51 . 2010-05-17 19:51	--------	d-----w-	c:\programdata\1912 Titanic Mystery
2010-05-17 19:51 . 2010-05-17 19:51	--------	d-----w-	c:\users\patty\AppData\Roaming\TitanicMystery
2010-05-16 17:31 . 2010-05-16 17:31	--------	d-----w-	c:\users\patty\AppData\Roaming\ShinyTales
2010-05-06 17:32 . 2010-05-06 17:32	--------	d-----w-	c:\programdata\Playrix Entertainment
2010-05-02 10:58 . 2010-05-02 17:26	--------	d-----w-	c:\users\Default\AppData\Local\Google

.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-18 22:13 . 2008-05-14 11:17	12	----a-w-	c:\windows\bthservsdp.dat
2010-05-18 19:48 . 2009-09-01 16:05	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-05-18 18:52 . 2006-11-02 16:11	703472	----a-w-	c:\windows\system32\perfh013.dat
2010-05-18 18:52 . 2006-11-02 16:11	143298	----a-w-	c:\windows\system32\perfc013.dat
2010-05-18 12:50 . 2008-07-11 20:32	--------	d-----w-	c:\program files\Google
2010-05-17 19:51 . 2008-12-01 05:58	--------	d-----w-	c:\users\patty\AppData\Roaming\Zylom
2010-05-17 19:50 . 2009-09-03 13:57	--------	d-----w-	c:\program files\Zylom Games
2010-05-09 17:07 . 2009-03-20 17:48	--------	d-----w-	c:\program files\Messenger Plus! Live
2010-04-30 09:44 . 2009-08-04 21:37	--------	d-----w-	c:\users\patty\AppData\Roaming\World-LooM
2010-04-29 13:39 . 2009-09-01 16:05	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-09-01 16:05	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-04-24 05:25 . 2009-01-28 21:20	--------	d-----w-	c:\programdata\JollyBear
2010-04-20 15:46 . 2008-05-27 20:17	--------	d-----w-	c:\program files\Common Files\Adobe
2010-04-19 19:26 . 2009-05-12 13:50	--------	d-----w-	c:\programdata\GameHouse
2010-04-15 06:15 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
2010-04-15 06:00 . 2007-07-27 22:29	--------	d-----w-	c:\programdata\Microsoft Help
2010-04-09 18:06 . 2010-04-09 18:06	--------	d-----w-	c:\users\patty\AppData\Roaming\Friday's games
2010-04-09 13:47 . 2010-04-09 13:40	--------	d-----w-	c:\programdata\incredible express
2010-04-01 22:08 . 2010-03-29 18:55	--------	d-----w-	c:\program files\Common Files\Java
2010-03-31 09:54 . 2010-03-31 09:48	--------	d-----w-	c:\programdata\Islands
2010-03-30 13:17 . 2010-03-30 13:16	--------	d-----w-	c:\users\patty\AppData\Roaming\MastersOfMystery2
2010-03-29 18:55 . 2009-01-02 00:52	411368	----a-w-	c:\windows\system32\deploytk.dll
2010-03-29 18:54 . 2008-06-06 09:52	--------	d-----w-	c:\program files\Java
2010-03-29 12:08 . 2010-03-12 13:58	--------	d-----w-	c:\programdata\Alawar Stargaze
2010-03-29 12:02 . 2010-03-25 17:19	--------	d-----w-	c:\program files\Sheepsoft
2010-03-23 22:12 . 2009-05-07 12:16	--------	d-----w-	c:\users\patty\AppData\Roaming\Playrix Entertainment
2010-03-23 00:23 . 2010-01-01 20:57	--------	d-----w-	c:\program files\QuickTime
2010-03-23 00:23 . 2009-03-22 12:34	--------	d-----w-	c:\program files\Windows Live SkyDrive
2010-03-23 00:23 . 2007-07-27 22:31	--------	d-----w-	c:\program files\Microsoft Works
2010-03-23 00:23 . 2010-02-07 14:20	--------	d-----w-	c:\program files\Microsoft SMS Sender
2010-03-23 00:23 . 2008-08-09 09:02	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-03-23 00:23 . 2008-04-23 13:05	--------	d-----w-	c:\program files\Launch Manager
2010-03-23 00:23 . 2008-04-23 13:56	--------	dcsh--w-	c:\program files\Common Files\WindowsLiveInstaller
2010-03-23 00:23 . 2009-05-27 17:30	--------	d-----w-	c:\program files\CCleaner
2010-03-23 00:23 . 2007-07-27 22:34	--------	d-----w-	c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2010-03-23 00:23 . 2007-07-27 22:03	--------	d-----w-	c:\program files\Common Files\LightScribe
2010-03-23 00:21 . 2006-11-02 12:37	--------	d-----w-	c:\program files\Windows Sidebar
2010-03-23 00:21 . 2006-11-02 12:37	--------	d-----w-	c:\program files\Windows Photo Gallery
2010-03-23 00:21 . 2006-11-02 12:37	--------	d-----w-	c:\program files\Windows Journal
2010-03-23 00:21 . 2006-11-02 12:37	--------	d-----w-	c:\program files\Windows Defender
2010-03-23 00:21 . 2006-11-02 12:37	--------	d-----w-	c:\program files\Windows Calendar
2010-03-23 00:21 . 2007-07-27 21:16	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-03-21 12:26 . 2010-03-21 12:26	--------	d-----w-	c:\programdata\Fighters
2010-03-20 20:50 . 2010-03-20 20:50	2678	----a-w-	c:\windows\Java\Packages\Data\E73BFBTR.DAT
2010-03-20 20:49 . 2010-03-20 20:49	2678	----a-w-	c:\windows\Java\Packages\Data\OBVFFBLB.DAT
2010-03-20 20:49 . 2010-03-20 20:49	2678	----a-w-	c:\windows\Java\Packages\Data\LRJLBRP3.DAT
2010-03-20 20:49 . 2010-03-20 20:49	2678	----a-w-	c:\windows\Java\Packages\Data\JPZBFVX3.DAT
2010-03-20 20:49 . 2010-03-20 20:49	2678	----a-w-	c:\windows\Java\Packages\Data\IZL7BDBD.DAT
2010-03-20 19:18 . 2010-03-20 19:18	--------	d-----w-	c:\users\patty\AppData\Roaming\Dekovir
2010-03-05 14:01 . 2010-04-14 06:25	420352	----a-w-	c:\windows\system32\vbscript.dll
2010-02-24 09:11 . 2008-04-23 13:04	70672	----a-w-	c:\users\patty\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-04 20:17	181632	------w-	c:\windows\system32\MpSigStub.exe
2010-02-23 11:10 . 2010-04-14 06:26	212992	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-02-23 11:10 . 2010-04-14 06:26	79360	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2010-02-23 11:10 . 2010-04-14 06:26	106496	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 06:39 . 2010-04-01 12:20	916480	----a-w-	c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-04-01 12:20	71680	----a-w-	c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-04-01 12:20	109056	----a-w-	c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-04-01 12:20	133632	----a-w-	c:\windows\system32\ieUnatt.exe
2010-02-20 23:06 . 2010-03-11 00:19	24064	----a-w-	c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-11 00:19	30720	----a-w-	c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-11 00:19	411648	----a-w-	c:\windows\system32\drivers\http.sys
2010-02-18 14:07 . 2010-04-14 06:24	904576	----a-w-	c:\windows\system32\drivers\tcpip.sys
2010-02-18 14:07 . 2010-04-14 06:26	3600776	----a-w-	c:\windows\system32\ntkrnlpa.exe
2010-02-18 14:07 . 2010-04-14 06:26	3548040	----a-w-	c:\windows\system32\ntoskrnl.exe
2010-02-18 13:30 . 2010-04-14 06:24	200704	----a-w-	c:\windows\system32\iphlpsvc.dll
2010-02-18 11:28 . 2010-04-14 06:24	25088	----a-w-	c:\windows\system32\drivers\tunnel.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-19 2046816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdc.exe" [2007-01-24 563080]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111\wpn111.exe [2009-12-30 995328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"UacDisableNotify"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^patty^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
path=c:\users\patty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-05-22 13:49	151552	----a-w-	c:\acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42	36272	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]
2007-06-11 12:54	1286144	----a-w-	c:\acer\Empowering Technology\eAudio\eAudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-04-25 14:33	457216	----a-w-	c:\acer\Empowering Technology\eDataSecurity\eDSLoader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33	125952	----a-w-	c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-19 06:35	136176	----atw-	c:\users\patty\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-08-15 09:21	772616	----a-w-	c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44	3883856	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-12-03 19:12	13556256	----a-w-	c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-12-03 19:12	92704	----a-w-	c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
2007-05-24 11:38	206952	----a-w-	c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-07-06 03:06	4669440	----a-w-	c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28	1233920	----a-w-	c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-12-06 17:12	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 19:48	57344	----a-w-	c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):47,33,58,67,7b,9b,ca,01

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 135664]
R3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\DNIMp50.sys [2006-11-16 21504]
R3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\system32\Drivers\DNISp50.sys [2006-11-16 20480]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-09-26 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-09-26 108552]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-09-26 908056]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-09-26 297752]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Inhoud van de 'Gedeelde Taken' map

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 10:22]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 10:22]

2010-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194722482-2327354815-3595637924-1000Core.job
- c:\users\patty\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-07 06:35]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3194722482-2327354815-3595637924-1000UA.job
- c:\users\patty\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-07 06:35]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.startpagina.nl/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://nl.intl.acer.yahoo.com
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
FF - ProfilePath - c:\users\patty\AppData\Roaming\Mozilla\Firefox\Profiles\k2dl5oad.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -

MSConfigStartUp-15142304 - c:\programdata\15142304\15142304.exe
MSConfigStartUp-HyvesDesktop - c:\progra~1\HYVESD~1\bin\HYVESD~1.EXE
MSConfigStartUp-SetPanel - c:\acer\APanel\APanel.cmd
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\HOMERunner.exe
MSConfigStartUp-Uniblue RegistryBooster 2009 - c:\program files\uniblue\registrybooster\StartRegistryBooster.exe



**************************************************************************
scannen van verborgen processen ... 

scannen van verborgen autostart items ... 

scannen van verborgen bestanden ... 

Scan succesvol afgerond
verborgen bestanden: 

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-05-19  11:24:48
ComboFix-quarantined-files.txt  2010-05-19 09:24
ComboFix2.txt  2009-09-06 16:34
ComboFix3.txt  2009-05-27 06:41

Pre-Run: 31.277.682.688 bytes beschikbaar
Post-Run: 31.371.481.088 bytes beschikbaar

- - End Of File - - 62372214D9419FBF3EBE2D6265598E97