ComboFix 14-09-11.01 - Aniek 11/09/2014 19:11:08.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4002.2520 [GMT 2:00] Gestart vanuit: c:\users\Aniek\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2014-08-11 to 2014-09-11 )))))))))))))))))))))))))))))) . . 2014-09-11 17:19 . 2014-09-11 17:19 -------- d-----w- c:\users\Public\AppData\Local\temp 2014-09-11 17:19 . 2014-09-11 17:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-09-11 15:56 . 2014-09-11 15:56 -------- d-----w- c:\programdata\FileCure 2014-09-11 15:48 . 2014-09-11 15:48 -------- d-----w- c:\users\Aniek\AppData\Local\FileViewPro 2014-09-11 15:48 . 2014-09-11 15:48 -------- d-----w- c:\users\Aniek\AppData\Roaming\IsolatedStorage 2014-09-11 15:47 . 2014-09-11 15:50 -------- d-----w- c:\program files\FileViewPro 2014-09-11 15:46 . 2014-09-11 15:46 -------- d-----w- C:\Spacekace 2014-09-11 13:33 . 2014-09-11 17:19 -------- d-----w- c:\users\Aniek\AppData\Local\Temp 2014-09-11 13:22 . 2014-09-11 13:33 -------- d-----w- C:\zoek 2014-09-11 01:01 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2014-09-11 01:01 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2014-09-10 22:27 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-09-10 22:27 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-09-10 22:27 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2014-09-10 22:27 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2014-09-10 22:27 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-09-10 22:27 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-09-10 22:27 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-09-10 22:27 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-09-10 22:27 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-09-10 22:27 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll 2014-09-10 22:27 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-09-10 18:12 . 2014-09-10 18:12 10036224 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2014-09-02 19:01 . 2014-09-02 19:01 43152 ----a-w- c:\windows\avastSS.scr 2014-09-02 18:40 . 2014-09-09 22:35 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-09-02 18:40 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-09-02 18:40 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-09-02 18:40 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-09-02 18:40 . 2014-09-02 18:40 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2014-09-02 18:21 . 2014-09-02 18:23 -------- d-----w- c:\programdata\SecTaskMan 2014-08-29 13:49 . 2014-08-29 13:49 -------- d-----w- c:\users\Aniek\AppData\Local\Adobe 2014-08-28 19:52 . 2014-08-28 19:52 -------- d-----w- c:\program files\Sony 2014-08-28 19:52 . 2014-08-28 19:52 -------- d-----w- c:\program files (x86)\Sony 2014-08-28 12:16 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-28 12:16 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-08-28 12:16 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys 2014-08-26 01:35 . 2014-08-26 01:35 -------- d-----w- c:\users\Aniek\AppData\Local\WinZip 2014-08-26 01:34 . 2014-08-26 01:35 -------- d-----w- c:\programdata\WinZip 2014-08-26 01:34 . 2014-08-26 01:34 -------- d-----w- c:\program files\WinZip 2014-08-15 01:05 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2014-08-15 01:05 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2014-08-15 01:05 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2014-08-15 01:05 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2014-08-15 01:05 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2014-08-15 01:05 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2014-08-15 01:04 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2014-08-15 01:04 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2014-08-14 23:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL 2014-08-14 23:42 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL 2014-08-14 23:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL 2014-08-14 23:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL 2014-08-14 23:42 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL 2014-08-14 23:42 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL 2014-08-14 23:42 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL 2014-08-14 23:42 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll 2014-08-14 23:42 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-08-14 23:41 . 2014-06-03 10:02 3241984 ----a-w- c:\windows\system32\msi.dll 2014-08-14 23:41 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\SysWow64\msi.dll 2014-08-14 23:41 . 2014-06-03 10:02 1941504 ----a-w- c:\windows\system32\authui.dll 2014-08-14 23:41 . 2014-06-03 09:29 1805824 ----a-w- c:\windows\SysWow64\authui.dll 2014-08-14 23:41 . 2014-06-03 10:02 112064 ----a-w- c:\windows\system32\consent.exe 2014-08-14 23:41 . 2014-06-03 10:02 504320 ----a-w- c:\windows\system32\msihnd.dll 2014-08-14 23:41 . 2014-06-03 09:29 337408 ----a-w- c:\windows\SysWow64\msihnd.dll 2014-08-14 23:40 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2014-08-14 23:40 . 2014-06-25 02:05 14175744 ----a-w- c:\windows\system32\shell32.dll 2014-08-14 23:38 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll 2014-08-14 23:38 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-09-11 01:02 . 2011-08-10 15:28 101694776 ----a-w- c:\windows\system32\MRT.exe 2014-09-10 18:12 . 2013-10-19 21:25 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-09-10 18:12 . 2011-08-10 19:00 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-02 19:01 . 2013-10-19 15:39 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys 2014-09-02 19:01 . 2013-12-28 14:57 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys 2014-09-02 19:01 . 2013-10-19 15:39 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2014-09-02 19:01 . 2013-10-19 15:39 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys 2014-09-02 19:01 . 2013-10-19 15:39 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2014-09-02 19:01 . 2014-05-01 12:24 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys 2014-09-02 19:01 . 2013-10-19 15:39 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2014-09-02 19:01 . 2013-10-19 15:38 307344 ----a-w- c:\windows\system32\aswBoot.exe 2014-09-02 19:01 . 2013-10-19 15:39 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2014-08-29 12:26 . 2011-03-29 01:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2014-07-11 01:02 . 2014-07-18 10:49 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-06-18 02:18 . 2014-07-09 21:57 692736 ----a-w- c:\windows\system32\osk.exe 2014-06-18 01:51 . 2014-07-09 21:57 646144 ----a-w- c:\windows\SysWow64\osk.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-10-21 4287536] "Akamai NetSession Interface"="c:\users\Aniek\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-02 4085896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x] R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x] R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x] R3 hxsyol;hxsyol;c:\aeriagames\AuraKingdom\avital\hxsy64.sys;c:\aeriagames\AuraKingdom\avital\hxsy64.sys [x] R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x] R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x] R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys;c:\windows\SYSNATIVE\DRIVERS\mod77-64.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys;c:\windows\SYSNATIVE\DRIVERS\tapoas.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x] R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x] R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! VM Monitor; [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x] S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x] S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x] S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x] S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-09-05 11:34 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.103\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2014-09-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-19 18:12] . 2014-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-26 00:28] . 2014-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-26 00:28] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2014-09-02 19:01 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-04-09 172016] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-04-09 399856] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-01 12661352] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168] "Persistence"="c:\windows\system32\igfxpers.exe" [2014-04-09 442352] "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2014-05-13 7827256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = Trusted Zone: aeriagames.com TCP: DhcpNameServer = 195.130.130.131 195.130.131.131 FF - ProfilePath - c:\users\Aniek\AppData\Roaming\Mozilla\Firefox\Profiles\x10b2pjf.default\ FF - prefs.js: browser.startup.homepage - about:home . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2014-09-11 19:22:59 ComboFix-quarantined-files.txt 2014-09-11 17:22 ComboFix2.txt 2014-06-10 15:13 . Pre-Run: 437.778.882.560 bytes beschikbaar Post-Run: 437.370.306.560 bytes beschikbaar . - - End Of File - - 723CD09DC3F5AC041D71988D49838510