LOG:
ComboFix 14-05-10.01 - Donovan 12-05-2014 0:16.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8175.5644 [GMT 2:00]
Gestart vanuit: c:\users\Donovan\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1399783145.bdinstall.bin
c:\programdata\6BFF2C26B4.sys
c:\users\Donovan\AppData\Local\Topblast
c:\users\Donovan\AppData\Local\Topblast\Red_Dragon_6.exe_Url_vjdtfk0ndfmxu0nwhicqnbwsn1dpmsjw\6.0.0.0\user.config
c:\users\Donovan\AppData\Roaming\poclbm
c:\users\Donovan\AppData\Roaming\poclbm\poclbm.ini
c:\users\Donovan\AppData\Roaming\Waolq
c:\users\Donovan\AppData\Roaming\Waolq\mequo.atq
c:\users\Donovan\AppData\Roaming\Wuko
c:\users\Donovan\AppData\Roaming\Wuko\cune.uwa
c:\users\Donovan\Documents\~WRD0000.tmp
c:\users\Donovan\msdata
c:\windows\SysWow64\tmp9353.tmp
c:\windows\SysWow64\tmp9373.tmp
c:\windows\SysWow64\tmpBE10.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2014-04-11 to 2014-05-11 ))))))))))))))))))))))))))))))
.
.
2014-05-11 22:33 . 2014-05-11 22:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-11 17:07 . 2014-05-11 17:07 -------- d-----w- c:\program files (x86)\ESET
2014-05-11 15:27 . 2014-03-06 08:15 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-05-11 04:55 . 2014-05-11 04:55 -------- d-----w- c:\program files\AVAST Software
2014-05-11 04:54 . 2014-05-11 04:54 -------- d-----w- c:\programdata\AVAST Software
2014-05-11 04:43 . 2014-05-11 04:43 -------- d-----w- c:\program files\Bitdefender
2014-05-11 04:39 . 2014-05-11 04:39 0 ----a-w- c:\windows\system32\BDSandBoxUISkin32.dll
2014-05-11 04:39 . 2014-05-11 04:39 0 ----a-w- c:\windows\system32\BDSandBoxUISkin.dll
2014-05-11 04:39 . 2014-05-11 04:39 0 ----a-w- c:\windows\system32\BDSandBoxUH.dll
2014-05-11 04:29 . 2014-05-11 04:43 -------- d-----w- c:\program files\Common Files\Bitdefender
2014-05-11 04:28 . 2014-05-11 04:28 -------- d-----w- c:\program files (x86)\Common Files\Bitdefender
2014-05-11 04:16 . 2014-05-11 04:16 -------- d-----r- C:\Sandbox
2014-05-11 04:13 . 2014-05-11 04:13 -------- d-----w- c:\program files\Sandboxie
2014-05-11 04:02 . 2014-05-11 04:02 -------- d-----w- c:\users\Donovan\AppData\Local\MFAData
2014-05-11 04:02 . 2014-05-11 04:02 -------- d-----w- c:\users\Donovan\AppData\Local\Avg2014
2014-05-11 03:41 . 2014-05-11 03:41 -------- d-----w- c:\windows\system32\drivers\en-US
2014-05-11 03:36 . 2014-05-11 03:36 -------- d-----w- c:\program files\Microsoft.NET
2014-05-11 03:25 . 2014-05-11 03:25 -------- d-----w- c:\programdata\VS
2014-05-11 03:21 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-05-11 03:21 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2014-05-11 03:21 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-05-11 03:21 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-05-11 03:21 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2014-05-11 03:21 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2014-05-11 03:21 . 2013-10-02 01:29 62976 ----a-w- c:\windows\system32\tsgqec.dll
2014-05-11 03:21 . 2013-10-02 00:15 1057280 ----a-w- c:\windows\system32\rdvidcrl.dll
2014-05-11 03:21 . 2013-10-02 00:08 83968 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-05-11 03:21 . 2013-10-02 00:01 420864 ----a-w- c:\windows\system32\wksprt.exe
2014-05-11 03:21 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2014-05-11 03:21 . 2013-10-01 20:57 6578176 ----a-w- c:\windows\system32\mstscax.dll
2014-05-11 02:05 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-05-11 02:05 . 2013-09-25 02:26 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-05-11 02:05 . 2013-09-25 02:26 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-05-11 02:05 . 2013-09-25 02:23 28672 ----a-w- c:\windows\system32\sspisrv.dll
2014-05-11 02:05 . 2013-09-25 02:23 135680 ----a-w- c:\windows\system32\sspicli.dll
2014-05-11 02:05 . 2013-09-25 02:23 28160 ----a-w- c:\windows\system32\secur32.dll
2014-05-11 02:05 . 2013-09-25 02:22 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-11 02:05 . 2013-09-25 02:21 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-11 02:05 . 2013-09-25 02:21 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2014-05-11 02:05 . 2013-09-25 01:03 30720 ----a-w- c:\windows\system32\lsass.exe
2014-05-11 02:05 . 2013-07-04 12:18 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2014-05-11 02:03 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-05-11 02:03 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-05-11 02:03 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-05-11 02:03 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-05-11 00:58 . 2014-05-11 01:40 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-11 00:50 . 2014-05-11 00:52 -------- dc----w- c:\users\Donovan\AppData\Local\MigWiz
2014-05-11 00:49 . 2014-05-11 01:38 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-10 20:54 . 2014-05-10 20:54 -------- d-----w- c:\windows\ERUNT
2014-05-10 13:18 . 2014-05-10 20:15 -------- d-----w- C:\AdwCleaner
2014-05-10 00:37 . 2014-05-10 00:37 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-05-10 00:37 . 2014-05-10 00:37 859648 ----a-w- c:\windows\system32\tdh.dll
2014-05-10 00:37 . 2014-05-10 00:37 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-05-10 00:37 . 2014-05-10 00:37 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-05-10 00:37 . 2014-05-10 00:37 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-05-09 21:41 . 2014-05-09 21:41 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-09 21:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-05-09 21:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-05-09 21:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-05-09 21:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-05-09 20:55 . 2014-05-09 20:58 -------- d-----w- c:\windows\system32\MRT
2014-05-09 20:51 . 2014-05-09 20:51 -------- d-----w- c:\program files\Microsoft Silverlight
2014-05-09 20:51 . 2014-05-09 20:51 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-05-09 20:41 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2014-05-09 20:40 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
2014-05-09 20:31 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-05-09 20:08 . 2014-05-09 20:08 -------- d-----w- c:\programdata\AVG
2014-05-09 20:07 . 2014-05-09 20:07 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-08 20:13 . 2014-05-08 20:13 -------- d-----w- c:\program files (x86)\GUM3570.tmp
2014-05-08 20:12 . 2014-05-08 20:12 -------- d-----w- c:\program files (x86)\GUMCC62.tmp
2014-05-08 20:12 . 2014-05-08 20:12 -------- d-----w- c:\program files (x86)\GUM7C5F.tmp
2014-05-07 18:43 . 2014-05-07 18:44 -------- d-----w- c:\users\Donovan\AppData\Local\DynamicPricer
2014-05-07 18:43 . 2014-05-07 18:43 -------- d-----w- c:\users\Donovan\AppData\Local\19504
2014-04-29 13:07 . 2014-04-29 13:07 -------- d-----w- c:\program files\Crytek
2014-04-19 20:20 . 2014-04-30 17:23 -------- d-----w- c:\users\Donovan\AppData\Local\wf-launcher
2014-04-19 20:20 . 2014-04-19 20:20 -------- d-----w- c:\program files (x86)\Crytek
2014-04-17 21:11 . 2014-05-11 01:32 -------- d-sh--w- c:\program files (x86)\Windows Manager
2014-04-17 14:35 . 2014-04-17 14:42 -------- d-----w- c:\program files (x86)\Finn and Jake's Epic Quest
2014-04-15 15:37 . 2014-04-15 15:40 -------- d-----w- c:\users\Donovan\AppData\Roaming\Notepad++
2014-04-15 15:37 . 2014-04-15 15:37 -------- d-----w- c:\program files (x86)\Notepad++
2014-04-15 11:02 . 2014-04-15 11:02 -------- d-----w- c:\program files (x86)\NCSOFT
2014-04-15 11:02 . 2014-04-15 11:02 -------- d-----w- c:\users\Donovan\AppData\Roaming\NCSOFT
2014-04-15 11:02 . 2014-04-15 11:02 -------- d-----w- c:\users\Donovan\AppData\Local\NCSOFT
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-11 03:28 . 2013-07-10 19:00 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2014-05-10 00:38 . 2014-05-10 00:38 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-10 00:38 . 2014-05-10 00:38 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-10 00:38 . 2014-05-10 00:38 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-05-10 00:38 . 2014-05-10 00:38 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-05-10 00:38 . 2014-05-10 00:38 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-05-10 00:38 . 2014-05-10 00:38 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-05-10 00:37 . 2014-05-10 00:37 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-05-10 00:37 . 2014-05-10 00:37 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-05-10 00:37 . 2014-05-10 00:37 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-05-10 00:37 . 2014-05-10 00:37 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-05-07 17:16 . 2013-10-23 12:15 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-04-30 17:03 . 2012-04-27 14:45 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-30 17:03 . 2011-12-02 15:13 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-04 00:07 . 2014-04-04 00:07 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-31 01:51 . 2011-12-02 14:01 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-25 23:12 . 2014-03-25 23:12 77824 ----a-r- c:\users\Donovan\AppData\Roaming\Microsoft\Installer\{6628277A-F051-4647-96D7-E829FD86C7B9}\ARPPRODUCTICON.exe
2014-03-25 23:12 . 2014-03-25 23:12 77824 ----a-r- c:\users\Donovan\AppData\Roaming\Microsoft\Installer\{6628277A-F051-4647-96D7-E829FD86C7B9}\_BA6F52370FB84CB79FA120E96853A4F3.exe
2014-03-25 23:12 . 2014-03-25 23:12 77824 ----a-r- c:\users\Donovan\AppData\Roaming\Microsoft\Installer\{6628277A-F051-4647-96D7-E829FD86C7B9}\_4928C3DDAA574E9788505A94F934E31D.exe
2014-03-21 20:50 . 2012-08-14 14:36 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2014-03-17 09:16 . 2014-04-04 15:07 10521840 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04A9621C-DEAB-4E84-866C-3280FB01C10F}\mpengine.dll
2014-03-16 16:12 . 2012-04-21 18:23 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-03-16 16:12 . 2011-12-08 15:28 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-16 14:53 . 2011-12-08 15:28 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-03-04 09:17 . 2014-05-11 02:06 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-05-11 02:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-05-11 02:06 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-05-11 02:06 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-05-11 02:06 2048 ----a-w- c:\windows\SysWow64\user.exe
2002-06-04 07:59 . 2002-06-04 07:59 204800 ----a-w- c:\program files (x86)\Restoration.exe
2002-03-31 03:35 . 2002-03-31 03:35 6144 ----a-w- c:\program files (x86)\DLL16.DLL
2002-03-21 08:20 . 2002-03-21 08:20 204849 ----a-w- c:\program files (x86)\DLL32.DLL
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-12 18:13 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-12 18:13 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-12 18:13 1728216 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-23 1825984]
"GoogleChromeAutoLaunch_BC8BDEB63AAFCA969EBAB877659FCB65"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-03-09 859464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-11-29 766208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-11 3873704]
.
c:\users\Donovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Donovan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-8 32668056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 VirtDiskBus;3TB+ Unlock;c:\windows\system32\DRIVERS\VirtDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VirtDiskBus64.sys [x]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\Drivers\RAMDiskVE.sys;c:\windows\SYSNATIVE\Drivers\RAMDiskVE.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys;c:\windows\SYSNATIVE\DRIVERS\netr6164.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 V0700Vid;Creative Live! Cam Chat HD Driver;c:\windows\system32\DRIVERS\V0700Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0700Vid.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va005;X6va005;c:\users\Donovan\AppData\Local\Temp\005B434.tmp;c:\users\Donovan\AppData\Local\Temp\005B434.tmp [x]
R4 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe [x]
R4 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [x]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe;c:\program files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 PCWinSoft;ScreenCamera Video Camera;c:\windows\system32\DRIVERS\scrcamhrdrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\scrcamhrdrv_x64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-30 00:41 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2014-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 17:03]
.
2014-05-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747785543-1256656071-13493864-1000Core.job
- c:\users\Donovan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-30 17:07]
.
2014-05-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747785543-1256656071-13493864-1000UA.job
- c:\users\Donovan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-30 17:07]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-02 15:13]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-02 15:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-11 05:05 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Donovan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = google
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;
uSearchAssistant = google
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Klant openen op monitor &1 - c:\windows\web\AOpenClient.htm
IE: Klant openen op monitor &2 - c:\windows\web\AOpenClient.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.2
TCP: Interfaces\{E2EF067D-707D-46CD-B867-7E92A9EE86BE}: NameServer = 8.8.8.8,6.6.6.6
TCP: Interfaces\{F34DEC68-ACE6-4824-AD9A-FA76C7791318}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{F34DEC68-ACE6-4824-AD9A-FA76C7791318}\2557574613: NameServer = 8.8.8.8,6.6.6.6
TCP: Interfaces\{F34DEC68-ACE6-4824-AD9A-FA76C7791318}\9434944455: NameServer = 8.8.8.8,6.6.6.6
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Donovan\AppData\Roaming\Mozilla\Firefox\Profiles\xfa57450.default\
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKLM-Run- - (no file)
Wow6432Node-HKU-Default-Run-Copy - c:\users\Donovan\AppData\Roaming\Copy\CopyAgent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - (no file)
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - (no file)
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - (no file)
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - (no file)
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - (no file)
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - (no file)
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - (no file)
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Game Booster_is1 - c:\program files (x86)\IObit\Game Booster 3\unins000.exe
AddRemove-Hitman Absolution_is1 - c:\program files (x86)\SQUARE ENIX\Hitman Absolution\unins000.exe
AddRemove-Kaspersky Password Manager_is1 - c:\program files (x86)\Kaspersky Lab\Kaspersky Password Manager\unins000.exe
AddRemove-Unity - c:\program files (x86)\Unity\Editor\Uninstall.exe
AddRemove-{141B8BA9-BFFD-4635-AF64-078E31010EC3}_is1 - c:\program files (x86)\Square Enix\FINAL FANTASY VII\unins000.exe
AddRemove-Samsung Galaxy S4 Toolkit - c:\samsunggalaxys4toolkit\Uninstal.exe
AddRemove-UnityWebPlayer - c:\users\Donovan\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Donovan\AppData\Local\Temp\005B434.tmp"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:91,40,94,1f,e6,44,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,2f,d9,1b,cd,57,83,4a,b5,39,cd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,2f,d9,1b,cd,57,83,4a,b5,39,cd,\
.
[HKEY_USERS\S-1-5-21-1747785543-1256656071-13493864-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1747785543-1256656071-13493864-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1747785543-1256656071-13493864-1000\Software\SecuROM\License information*]
"datasecu"=hex:8b,39,84,a2,e4,6a,2a,30,90,79,47,d4,89,31,69,20,74,11,3a,37,41,
38,c5,f1,97,64,01,da,69,ab,c9,94,9b,f4,82,7b,38,a3,a4,56,7a,65,ca,0c,3d,cf,\
"rkeysecu"=hex:d5,08,b7,83,83,8c,ca,b4,f7,56,32,69,51,1f,94,43
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\users\Donovan\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe
.
**************************************************************************
.
Voltooingstijd: 2014-05-12 00:51:18 - machine werd herstart
ComboFix-quarantined-files.txt 2014-05-11 22:51
.
Pre-Run: 219.636.633.600 bytes beschikbaar
Post-Run: 221.625.348.096 bytes beschikbaar
.
- - End Of File - - 6F61F3B343E9E4BD13E29810CD06E744
A36C5E4F47E84449FF07ED3517B43A31