API tools faq
paste
Advertisement
Guest User

Combofix log

a guest
May 21st, 2012
89
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 31.10 KB | None | 0 0
raw download clone embed print report
  1. ComboFix 12-05-20.10 - Sluysen 21/05/2012 15:05:48.1.4 - x64
  2. Microsoft Windows 7 Professional 6.1.7600.0.1252.32.1043.18.3953.2288 [GMT 2:00]
  3. Gestart vanuit: c:\users\Sluysen\Desktop\ComboFix.exe
  4. AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
  5. SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
  6. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. .
  8. .
  9. (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  10. .
  11. .
  12. c:\programdata\xml2DA5.tmp
  13. c:\programdata\xml2F1D.tmp
  14. c:\programdata\xml2FD9.tmp
  15. c:\programdata\xml43A8.tmp
  16. c:\programdata\xml7BF.tmp
  17. c:\programdata\xml97EC.tmp
  18. c:\programdata\xml9899.tmp
  19. c:\programdata\xmlF843.tmp
  20. c:\users\Sluysen\AppData\Local\assembly\tmp
  21. c:\users\Sluysen\AppData\Roaming\7za.exe
  22. c:\users\Sluysen\AppData\Roaming\a.7z
  23. c:\users\Sluysen\AppData\Roaming\Google\Update\1
  24. c:\users\Sluysen\AppData\Roaming\Google\Update\1\SD\m.txt
  25. c:\users\Sluysen\AppData\Roaming\Google\Update\1\SD\s.txt
  26. .
  27. .
  28. (((((((((((((((((((( Bestanden Gemaakt van 2012-04-21 to 2012-05-21 ))))))))))))))))))))))))))))))
  29. .
  30. .
  31. 2012-05-21 13:15 . 2012-05-21 13:15 -------- d-----w- c:\users\Default\AppData\Local\temp
  32. 2012-05-21 13:15 . 2012-05-21 13:15 -------- d-----w- c:\users\Administrator\AppData\Local\temp
  33. 2012-05-21 10:51 . 2012-05-21 10:51 -------- d-----w- c:\users\Sluysen\AppData\Local\adaware
  34. 2012-05-21 10:51 . 2012-05-21 10:51 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
  35. 2012-05-21 10:51 . 2011-12-19 10:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys
  36. 2012-05-21 10:50 . 2011-09-29 10:16 119416 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
  37. 2012-05-21 10:50 . 2011-12-19 10:44 256632 ----a-w- c:\windows\system32\drivers\SbFw.sys
  38. 2012-05-21 10:50 . 2011-12-19 11:21 45936 ----a-w- c:\windows\system32\sbbd.exe
  39. 2012-05-21 10:50 . 2011-10-26 12:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys
  40. 2012-05-21 10:50 . 2012-05-21 10:50 -------- d-----w- c:\programdata\Lavasoft
  41. 2012-05-21 10:50 . 2012-05-21 10:58 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
  42. 2012-05-21 10:49 . 2012-05-21 12:24 -------- d-----w- c:\users\Sluysen\AppData\Roaming\Ad-Aware Antivirus
  43. 2012-05-21 09:02 . 2012-05-21 09:02 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
  44. 2012-05-21 08:37 . 2012-05-21 08:37 -------- d-----w- c:\program files (x86)\Cyanide
  45. 2012-05-18 09:44 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA5D368F-DB80-465B-8AC3-1664EADF5294}\mpengine.dll
  46. 2012-05-13 22:14 . 2012-05-13 22:14 -------- d-----w- c:\program files (x86)\EA GAMES
  47. 2012-05-13 22:12 . 2004-09-30 14:24 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
  48. 2012-05-13 22:12 . 2004-09-30 14:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
  49. 2012-05-13 22:12 . 2004-09-30 14:20 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
  50. 2012-05-13 22:12 . 2004-09-30 14:19 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
  51. 2012-05-13 22:12 . 2004-09-30 14:39 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
  52. 2012-05-13 22:12 . 2012-05-13 22:12 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
  53. 2012-05-13 22:12 . 2012-05-13 22:12 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
  54. 2012-05-12 13:48 . 2012-05-12 13:48 -------- d-----w- c:\users\Sluysen\AppData\Local\Facebook
  55. 2012-05-11 17:10 . 2012-05-11 17:10 -------- d-----w- c:\program files\Microsoft Silverlight
  56. 2012-05-11 17:10 . 2012-05-11 17:10 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
  57. 2012-05-10 09:26 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll
  58. 2012-05-10 09:26 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
  59. 2012-05-10 09:26 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
  60. 2012-05-10 09:26 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
  61. 2012-05-10 09:26 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
  62. 2012-05-10 09:26 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
  63. 2012-05-10 09:26 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll
  64. 2012-05-10 09:26 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll
  65. 2012-05-10 09:26 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
  66. 2012-05-10 09:26 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
  67. 2012-05-10 09:25 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
  68. 2012-05-10 09:25 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys
  69. 2012-05-10 09:25 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
  70. 2012-05-10 09:25 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
  71. 2012-05-10 09:25 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys
  72. 2012-05-10 09:25 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
  73. 2012-05-10 09:25 . 2012-04-02 05:26 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
  74. 2012-05-10 09:25 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
  75. 2012-05-10 09:25 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
  76. 2012-05-10 09:25 . 2012-04-02 05:24 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
  77. 2012-05-10 09:25 . 2012-04-02 05:24 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
  78. 2012-05-09 14:25 . 2012-05-09 14:25 -------- d-----w- c:\program files (x86)\Maxis
  79. 2012-05-03 21:24 . 2012-04-30 19:05 31344 ----a-w- c:\windows\system32\drivers\VMparport.sys
  80. 2012-05-03 21:24 . 2012-04-30 19:05 63088 ----a-w- c:\windows\system32\drivers\vmx86.sys
  81. 2012-05-03 21:23 . 2012-04-30 19:04 354416 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
  82. 2012-05-03 21:23 . 2012-04-30 19:04 433264 ----a-w- c:\windows\SysWow64\vmnat.exe
  83. 2012-05-03 21:23 . 2012-04-30 19:03 30320 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
  84. 2012-05-03 21:23 . 2012-04-30 19:05 942192 ----a-w- c:\windows\system32\vnetlib64.dll
  85. 2012-05-03 21:23 . 2012-04-30 19:04 32880 ----a-w- c:\windows\system32\drivers\VMkbd.sys
  86. 2012-05-03 21:23 . 2011-08-29 21:11 39024 ----a-w- c:\windows\system32\drivers\hcmon.sys
  87. 2012-05-03 21:22 . 2012-05-03 21:22 -------- d-----w- c:\program files (x86)\Common Files\VMware
  88. 2012-05-03 21:21 . 2012-05-03 21:21 -------- d-----w- c:\program files\Common Files\VMware
  89. 2012-05-01 11:43 . 2012-05-01 11:43 -------- d-----w- c:\programdata\Media Center Programs
  90. 2012-05-01 11:14 . 2012-05-01 11:14 -------- d-----w- c:\program files (x86)\Sierra Entertainment
  91. 2012-04-30 16:26 . 2012-04-30 16:26 252016 ----a-w- c:\windows\SysWow64\vmnc.dll
  92. 2012-04-30 15:22 . 2012-04-30 15:22 62064 ----a-w- c:\windows\system32\vmnetbridge.dll
  93. 2012-04-30 15:22 . 2012-04-30 15:22 48752 ----a-w- c:\windows\system32\vnetinst.dll
  94. 2012-04-30 15:22 . 2012-04-30 15:22 45680 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
  95. 2012-04-30 15:22 . 2012-04-30 15:22 24176 ----a-w- c:\windows\system32\drivers\vmnet.sys
  96. 2012-04-30 15:22 . 2012-04-30 15:22 20080 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
  97. 2012-04-24 10:06 . 2012-04-24 10:06 -------- d-----w- c:\windows\SysWow64\BestPractices
  98. 2012-04-24 10:06 . 2012-04-24 10:06 -------- d-----w- c:\windows\system32\BestPractices
  99. 2012-04-24 10:06 . 2012-04-24 10:06 -------- d-----w- C:\inetpub
  100. 2012-04-24 09:52 . 2012-04-26 07:09 -------- d-----w- c:\program files (x86)\PHP
  101. 2012-04-23 09:52 . 2012-04-23 09:52 -------- d-----w- c:\users\Sluysen\AppData\Local\Tukui
  102. 2012-04-23 09:49 . 2012-04-23 09:49 -------- d-----w- c:\program files (x86)\Tukui Update Utility
  103. .
  104. .
  105. .
  106. ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  107. .
  108. 2012-05-05 16:20 . 2012-04-03 09:50 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
  109. 2012-05-05 16:20 . 2011-07-25 21:58 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  110. 2012-05-05 16:20 . 2012-04-03 10:20 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
  111. 2012-03-16 22:45 . 2012-02-29 10:46 214816 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
  112. 2012-03-16 22:45 . 2012-02-29 10:44 214816 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
  113. 2012-03-14 21:11 . 2011-09-26 16:44 2255840 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
  114. 2012-03-07 19:01 . 2012-02-29 10:43 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
  115. 2012-03-06 23:15 . 2011-07-23 12:38 41184 ----a-w- c:\windows\avastSS.scr
  116. 2012-03-06 23:15 . 2011-07-23 12:38 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
  117. 2012-03-06 23:15 . 2011-07-23 12:39 258520 ----a-w- c:\windows\system32\aswBoot.exe
  118. 2012-03-06 23:04 . 2011-07-23 12:39 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
  119. 2012-03-06 23:04 . 2011-07-23 12:39 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
  120. 2012-03-06 23:02 . 2012-04-07 08:48 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
  121. 2012-03-06 23:01 . 2011-07-23 12:39 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
  122. 2012-03-06 23:01 . 2011-07-23 12:39 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
  123. 2012-03-06 23:01 . 2011-07-23 12:39 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
  124. 2012-03-01 06:54 . 2012-04-11 19:33 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
  125. 2012-03-01 06:45 . 2012-04-11 19:33 220672 ----a-w- c:\windows\system32\wintrust.dll
  126. 2012-03-01 06:40 . 2012-04-11 19:33 80896 ----a-w- c:\windows\system32\imagehlp.dll
  127. 2012-03-01 06:35 . 2012-04-11 19:33 5120 ----a-w- c:\windows\system32\wmi.dll
  128. 2012-03-01 05:49 . 2012-04-11 19:33 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
  129. 2012-03-01 05:45 . 2012-04-11 19:33 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
  130. 2012-03-01 05:40 . 2012-04-11 19:33 5120 ----a-w- c:\windows\SysWow64\wmi.dll
  131. 2012-02-28 06:56 . 2012-04-11 19:37 2311168 ----a-w- c:\windows\system32\jscript9.dll
  132. 2012-02-28 06:49 . 2012-04-11 19:37 1390080 ----a-w- c:\windows\system32\wininet.dll
  133. 2012-02-28 06:48 . 2012-04-11 19:37 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
  134. 2012-02-28 06:42 . 2012-04-11 19:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
  135. 2012-02-28 01:18 . 2012-04-11 19:37 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
  136. 2012-02-28 01:11 . 2012-04-11 19:37 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
  137. 2012-02-28 01:11 . 2012-04-11 19:37 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
  138. 2012-02-28 01:03 . 2012-04-11 19:37 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
  139. 2012-02-23 08:18 . 2011-07-23 11:46 279656 ------w- c:\windows\system32\MpSigStub.exe
  140. 2010-08-03 10:11 819200 --sha-w- c:\windows\SysWOW64\xvidcore.dll
  141. 2010-08-03 10:11 180224 --sha-w- c:\windows\SysWOW64\xvidvfw.dll
  142. .
  143. .
  144. ------- Sigcheck -------
  145. Note: Unsigned files aren't necessarily malware.
  146. .
  147. [7] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
  148. [-] 2009-07-14 . 50BEA589F7D7958BDD2528A8F69D05CC . 329216 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
  149. .
  150. ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  151. .
  152. .
  153. *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  154. REGEDIT4
  155. .
  156. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  157. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  158. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  159. 2011-02-18 05:12 94208 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  160. .
  161. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  162. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  163. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  164. 2011-02-18 05:12 94208 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  165. .
  166. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  167. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  168. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  169. 2011-02-18 05:12 94208 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
  170. .
  171. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  172. "Facebook Update"="c:\users\Sluysen\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-05-12 137536]
  173. "Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-02-27 1242448]
  174. "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
  175. .
  176. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  177. "Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
  178. "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-21 106496]
  179. "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
  180. "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
  181. "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
  182. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
  183. "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
  184. .
  185. c:\users\Sluysen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  186. CurseClientStartup.ccip [2012-4-3 0]
  187. Dropbox.lnk - c:\users\Sluysen\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-4 27087944]
  188. .
  189. c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
  190. Monitor Apache Servers.lnk - c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2010-10-18 41051]
  191. .
  192. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  193. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  194. "ConsentPromptBehaviorUser"= 3 (0x3)
  195. "EnableLUA"= 0 (0x0)
  196. "EnableUIADesktopToggle"= 0 (0x0)
  197. "PromptOnSecureDesktop"= 0 (0x0)
  198. .
  199. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  200. Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  201. .
  202. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
  203. @="Ad-Aware Service"
  204. .
  205. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
  206. @="Service"
  207. .
  208. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
  209. @="Driver"
  210. .
  211. R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
  212. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  213. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  214. R2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
  215. R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
  216. R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
  217. R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
  218. R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
  219. R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
  220. R3 MicrosoftDynamicsNavWS;Microsoft Dynamics NAV Business Web Services;c:\program files (x86)\Microsoft Dynamics NAV\60\Service\Microsoft.Dynamics.Nav.Server.exe [2010-12-11 141184]
  221. R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-17 129976]
  222. R3 netr28ux;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
  223. R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
  224. R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
  225. R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  226. R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [x]
  227. R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [x]
  228. R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [x]
  229. R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
  230. R3 tizekdrv;tizekdrv;c:\users\Sluysen\AppData\Roaming\TZAC\tizek64.sys [2012-02-29 241848]
  231. R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
  232. R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
  233. R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  234. R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
  235. R3 xhc200w;xhc200w;c:\swsetup\SP48109\32\xhc200w.sys [2010-02-02 25232]
  236. R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys [x]
  237. R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x]
  238. R3 zghsnmea;ZTE General Handset NMEA Port;c:\windows\system32\DRIVERS\zghsnmea.sys [x]
  239. R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
  240. R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
  241. R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
  242. S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
  243. S1 aswSnx;aswSnx; [x]
  244. S1 aswSP;aswSP; [x]
  245. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
  246. S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [x]
  247. S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  248. S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-05-03 1226096]
  249. S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600]
  250. S2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2010-10-18 20549]
  251. S2 aswFsBlk;aswFsBlk; [x]
  252. S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
  253. S2 ET Master Server Proxy;ET Master Server Proxy Service;c:\program files (x86)\Rudi Visser\ET Master Server Proxy Service\ETMSProxy.exe [2012-01-21 9728]
  254. S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
  255. S2 MicrosoftDynamicsNavServer;Microsoft Dynamics NAV Server;c:\program files (x86)\Microsoft Dynamics NAV\60\Service\Microsoft.Dynamics.Nav.Server.exe [2010-12-11 141184]
  256. S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
  257. S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [x]
  258. S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
  259. S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
  260. S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
  261. S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
  262. S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
  263. S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
  264. S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
  265. S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys [x]
  266. S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [x]
  267. .
  268. .
  269. --- Andere Services/Drivers In Geheugen ---
  270. .
  271. *NewlyCreated* - SBWTIS
  272. .
  273. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
  274. iissvcs REG_MULTI_SZ w3svc was
  275. apphost REG_MULTI_SZ apphostsvc
  276. .
  277. Inhoud van de 'Gedeelde Taken' map
  278. .
  279. 2012-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
  280. - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 16:20]
  281. .
  282. 2012-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3201013571-1090400088-3516429029-1000Core.job
  283. - c:\users\Sluysen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-12 13:48]
  284. .
  285. 2012-05-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3201013571-1090400088-3516429029-1000UA.job
  286. - c:\users\Sluysen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-12 13:48]
  287. .
  288. 2012-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201013571-1090400088-3516429029-1000Core.job
  289. - c:\users\Sluysen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-23 11:32]
  290. .
  291. 2012-05-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3201013571-1090400088-3516429029-1000UA.job
  292. - c:\users\Sluysen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-23 11:32]
  293. .
  294. .
  295. --------- x86-64 -----------
  296. .
  297. .
  298. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  299. @="{472083B0-C522-11CF-8763-00608CC02F24}"
  300. [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  301. 2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  302. .
  303. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
  304. @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
  305. [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
  306. 2011-02-18 05:12 97792 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  307. .
  308. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
  309. @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
  310. [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
  311. 2011-02-18 05:12 97792 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  312. .
  313. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
  314. @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
  315. [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
  316. 2011-02-18 05:12 97792 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  317. .
  318. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
  319. @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
  320. [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
  321. 2011-02-18 05:12 97792 ----a-w- c:\users\Sluysen\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
  322. .
  323. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  324. "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-24 16405608]
  325. "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-07 489472]
  326. "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
  327. "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1861416]
  328. .
  329. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  330. "LoadAppInit_DLLs"=0x0
  331. .
  332. ------- Bijkomende Scan -------
  333. .
  334. uLocal Page = c:\windows\system32\blank.htm
  335. mLocal Page = c:\windows\SysWOW64\blank.htm
  336. IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
  337. IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
  338. IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
  339. LSP: mswsock.dll
  340. LSP: %SystemRoot%\system32\vsocklib.dll
  341. Trusted Zone: clonewarsadventures.com
  342. Trusted Zone: freerealms.com
  343. Trusted Zone: soe.com
  344. Trusted Zone: sony.com
  345. TCP: DhcpNameServer = 195.130.131.5 192.168.0.1
  346. FF - ProfilePath - c:\users\Sluysen\AppData\Roaming\Mozilla\Firefox\Profiles\m58wssa1.default\
  347. FF - prefs.js: browser.startup.homepage - hxxp://localhost/
  348. .
  349. .
  350. ------- Bestandsassociaties -------
  351. .
  352. txtfile="c:\program files (x86)\Notepad++\notepad++.exe" %1
  353. .txt=Word.Document.12
  354. .
  355. - - - - ORPHANS VERWIJDERD - - - -
  356. .
  357. Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
  358. Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
  359. SafeBoot-SolutoService
  360. BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - (no file)
  361. AddRemove-{33A22B2D-55BA-4508-B767-BF2E9C21A73F} - c:\program files (x86)\InstallShield Installation Information\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}\setup.exe
  362. AddRemove-UnityWebPlayer - c:\users\Sluysen\AppData\Local\Unity\WebPlayer\Uninstall.exe
  363. .
  364. .
  365. .
  366. --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
  367. .
  368. [HKEY_USERS\S-1-5-21-3201013571-1090400088-3516429029-1000\Software\SecuROM\License information*]
  369. "datasecu"=hex:14,f1,a1,57,33,ff,2e,3a,1d,ca,dd,64,c3,ba,26,38,6f,c5,d0,bb,4d,
  370. 85,5b,d2,dd,f6,44,0c,27,bb,40,e7,fa,dc,e9,6e,e3,95,6c,c0,e0,f2,81,67,10,fc,\
  371. "rkeysecu"=hex:19,6c,3d,24,4e,5e,f2,99,71,b2,fd,a1,1b,af,59,dd
  372. .
  373. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  374. @Denied: (A 2) (Everyone)
  375. @="FlashBroker"
  376. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
  377. .
  378. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  379. "Enabled"=dword:00000001
  380. .
  381. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  382. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
  383. .
  384. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  385. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  386. .
  387. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  388. @Denied: (A 2) (Everyone)
  389. @="Shockwave Flash Object"
  390. .
  391. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  392. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
  393. "ThreadingModel"="Apartment"
  394. .
  395. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  396. @="0"
  397. .
  398. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  399. @="ShockwaveFlash.ShockwaveFlash.11"
  400. .
  401. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  402. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
  403. .
  404. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  405. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  406. .
  407. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  408. @="1.0"
  409. .
  410. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  411. @="ShockwaveFlash.ShockwaveFlash"
  412. .
  413. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  414. @Denied: (A 2) (Everyone)
  415. @="Macromedia Flash Factory Object"
  416. .
  417. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  418. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
  419. "ThreadingModel"="Apartment"
  420. .
  421. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  422. @="FlashFactory.FlashFactory.1"
  423. .
  424. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  425. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
  426. .
  427. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  428. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  429. .
  430. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  431. @="1.0"
  432. .
  433. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  434. @="FlashFactory.FlashFactory"
  435. .
  436. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  437. @Denied: (A 2) (Everyone)
  438. @="IFlashBroker4"
  439. .
  440. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  441. @="{00020424-0000-0000-C000-000000000046}"
  442. .
  443. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  444. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  445. "Version"="1.0"
  446. .
  447. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  448. @Denied: (A) (Everyone)
  449. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  450. .
  451. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  452. @Denied: (A) (Everyone)
  453. .
  454. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  455. "Key"="ActionsPane3"
  456. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  457. .
  458. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  459. @Denied: (A) (Users)
  460. @Denied: (A) (Everyone)
  461. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  462. "BlindDial"=dword:00000000
  463. "MSCurrentCountry"=dword:000000b5
  464. .
  465. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  466. @Denied: (A) (Users)
  467. @Denied: (A) (Everyone)
  468. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  469. "BlindDial"=dword:00000000
  470. .
  471. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  472. @Denied: (A) (Users)
  473. @Denied: (A) (Everyone)
  474. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  475. "BlindDial"=dword:00000000
  476. .
  477. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  478. @Denied: (Full) (Everyone)
  479. .
  480. ------------------------ Andere Aktieve Processen ------------------------
  481. .
  482. c:\program files\AVAST Software\Avast\AvastSvc.exe
  483. c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
  484. c:\windows\SysWOW64\PnkBstrB.exe
  485. c:\windows\SysWOW64\vmnat.exe
  486. c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
  487. c:\windows\SysWOW64\vmnetdhcp.exe
  488. c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
  489. c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  490. .
  491. **************************************************************************
  492. .
  493. Voltooingstijd: 2012-05-21 15:27:13 - machine werd herstart
  494. ComboFix-quarantined-files.txt 2012-05-21 13:27
  495. .
  496. Pre-Run: 8.278.675.456 bytes beschikbaar
  497. Post-Run: 7.831.359.488 bytes beschikbaar
  498. .
  499. - - End Of File - - 0FA3264BAB33DB1D6567DC56EE07AD45
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!