Ga naar inhoud

henkver1905

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    8

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door henkver1905

  1. henkver1905
    Zo te zien werkt het nu mijn dank is groot voor alle hulp
  2. henkver1905
    mijn broer is online maar daar heb ik geen probleem mee wacht nu of er iemand online komt
  3. henkver1905
    ComboFix 11-04-17.01 - Henk 18-04-2011 14:30:23.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4095.2678 [GMT 2:00] Gestart vanuit: c:\users\Henk\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\Henk\Desktop\CFScript.txt..txt SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\users\Henk\AppData\Local\GLF7726.tmp" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Hitman Pro c:\programdata\Hitman Pro\Banner.bin c:\programdata\Hitman Pro\HitmanPro.key c:\programdata\Hitman Pro\HitmanPro.lic c:\users\Henk\AppData\Local\{0A378FF2-83B4-471D-B1F3-D2BD0DA02648} c:\users\Henk\AppData\Local\{0A61F791-9340-49EB-9241-59344C5EDA51} c:\users\Henk\AppData\Local\{1DD4F919-438D-47DA-BBF1-DF12F6197723} c:\users\Henk\AppData\Local\{20706712-E0AF-44DA-BDC2-64CA565944D7} c:\users\Henk\AppData\Local\{2194F173-0AE8-40C0-9DF5-B680C129B542} c:\users\Henk\AppData\Local\{22969C1E-F79E-44C3-BBE5-CBC131F38041} c:\users\Henk\AppData\Local\{29ECDB9E-DE2B-4CEE-AA18-A951A356024F} c:\users\Henk\AppData\Local\{2A2CA6CC-1AA0-45FD-A1A3-474D74C39347} c:\users\Henk\AppData\Local\{41180D81-7DC5-40AD-B586-DB2309372034} c:\users\Henk\AppData\Local\{4834F69C-59DE-4886-B739-B2E72847E3C3} c:\users\Henk\AppData\Local\{5379A433-914B-4A28-8058-99E50019BA49} c:\users\Henk\AppData\Local\{53F563C5-AB63-4C42-A0C1-E6A32E48E9F3} c:\users\Henk\AppData\Local\{574CA78C-E64D-4462-85FC-5297C02A44C5} c:\users\Henk\AppData\Local\{645F1EE2-1E25-4838-A505-BA48EC9D1004} c:\users\Henk\AppData\Local\{64C5C7C1-AB94-4060-8B2C-35C835157CB3} c:\users\Henk\AppData\Local\{732EB45C-4BA3-44B5-8CC7-BE9659844F88} c:\users\Henk\AppData\Local\{75E63F3D-A448-4039-9AFF-7FB15C8E1133} c:\users\Henk\AppData\Local\{78450156-1544-46E7-BB98-9DBC9CA08B6D} c:\users\Henk\AppData\Local\{803D255C-EBF6-43ED-BF17-3A45164D8408} c:\users\Henk\AppData\Local\{83506C72-5E9F-4357-864C-14B6DFEB4AE0} c:\users\Henk\AppData\Local\{99803589-73DE-4206-820A-25075E1BA598} c:\users\Henk\AppData\Local\{BD03C705-DE08-4928-A4E7-6C56BCA02963} c:\users\Henk\AppData\Local\{DE67595E-CE71-4A9E-AD64-438F54F5BBA5} c:\users\Henk\AppData\Local\{E1FB9E2B-9A24-4F16-92CC-006E34D8605E} c:\users\Henk\AppData\Local\{F8E8B326-75A9-4421-BDA0-57C1557DEE64} c:\users\Henk\AppData\Local\{FBDB819C-1AA9-4201-9B09-D7218F298570} c:\users\Henk\AppData\Local\GLF7726.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-03-18 to 2011-04-18 )))))))))))))))))))))))))))))) . . 2011-04-18 12:39 . 2011-04-18 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-04-18 10:33 . 2011-04-18 10:33 -------- d-----w- c:\users\Henk\AppData\Roaming\AVG10 2011-04-18 10:32 . 2011-04-18 10:32 -------- d--h--w- c:\programdata\Common Files 2011-04-18 10:29 . 2011-04-18 12:25 -------- d-----w- c:\programdata\AVG10 2011-04-18 10:12 . 2011-04-18 10:24 -------- d-----w- c:\programdata\MFAData 2011-04-16 03:24 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2F0FD13-43B4-414C-9AE0-3E291A75D4BB}\mpengine.dll 2011-04-14 17:47 . 2011-04-14 17:47 -------- d-----w- c:\program files (x86)\AMS Photo Effects 2011-04-14 09:58 . 2011-04-14 09:58 12872 ----a-w- c:\windows\system32\bootdelete.exe 2011-04-14 09:36 . 2011-04-14 12:30 19528 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2011-04-14 09:36 . 2011-04-14 09:36 -------- d-----w- c:\program files\Hitman Pro 3.5 2011-04-14 09:27 . 2011-04-14 09:27 -------- d-----w- c:\users\Henk\AppData\Roaming\Malwarebytes 2011-04-14 09:27 . 2011-04-14 09:27 -------- d-----w- c:\programdata\Malwarebytes 2011-04-14 09:27 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-14 09:27 . 2011-04-14 13:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-04-14 09:27 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-14 08:50 . 2011-04-14 08:50 -------- d-----w- c:\windows\nl 2011-04-14 08:48 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2011-04-14 08:47 . 2011-04-14 16:48 -------- d-----w- c:\program files (x86)\Microsoft 2011-04-14 08:45 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2011-04-14 08:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll 2011-04-14 08:45 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll 2011-04-14 08:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll 2011-04-14 08:44 . 2011-04-14 08:44 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\33adb1f81cbfa8007\InstallManager_WLE_WLE.exe 2011-04-14 08:44 . 2011-04-14 08:44 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2db1ee2b1cbfa8006\MeshBetaRemover.exe 2011-04-14 07:28 . 2011-04-14 07:47 -------- d-----w- c:\users\Henk\AppData\Local\BearShare 2011-04-14 07:28 . 2011-04-14 07:51 -------- d-----w- c:\program files (x86)\BearShare Applications 2011-04-14 07:21 . 2011-04-14 10:07 -------- d-----w- c:\users\Henk\AppData\Roaming\LimeWirePlus 2011-04-14 07:20 . 2011-04-14 07:25 -------- d-----w- c:\program files (x86)\LimeWire Plus 2011-04-11 13:18 . 2011-04-11 13:18 -------- d-----w- c:\windows\SpotmeV2.0.7 2011-04-08 13:13 . 2011-04-08 13:16 -------- d-----w- c:\programdata\MyHeritage 2011-04-08 13:13 . 2011-04-08 13:14 -------- d-----w- c:\users\Henk\AppData\Roaming\MyHeritage 2011-04-08 13:13 . 2011-04-08 13:13 -------- d-----w- c:\users\Henk\AppData\Roaming\The Complete Genealogy Reporter - FTB 2011-04-08 13:13 . 2003-07-06 11:07 372736 ----a-w- c:\windows\SysWow64\ijl15.dll 2011-04-08 13:13 . 2002-03-06 22:19 454656 ----a-w- c:\windows\SysWow64\PaintX.dll 2011-04-08 13:13 . 1998-06-23 22:00 137000 ----a-w- c:\windows\SysWow64\msmapi32.ocx 2011-04-08 13:13 . 2011-04-08 13:13 -------- d-----w- c:\program files (x86)\MyHeritage 2011-03-28 19:53 . 2011-03-28 19:53 -------- d-----w- c:\users\Henk\AppData\Local\VanDale 2011-03-28 19:51 . 2011-03-30 10:46 -------- d-----w- c:\users\Henk\AppData\Roaming\Van Dale 2011-03-28 19:51 . 2011-03-30 10:46 -------- d-----w- c:\program files (x86)\Van Dale 2011-03-28 19:50 . 2011-03-28 19:50 -------- d-----w- c:\program files (x86)\Esdnow 2011-03-25 11:58 . 2011-03-25 11:58 -------- d-----w- c:\programdata\Nokia 2011-03-23 18:17 . 2010-09-06 09:26 189520 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-11 05:14 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-03 16:13 . 2011-03-03 16:13 385552 ----a-w- c:\windows\SysWow64\FTBSaver.scr 2011-02-24 10:38 . 2010-05-17 12:11 2516 --sha-w- c:\programdata\KGyGaAvL.sys 2011-02-19 06:43 . 2011-03-09 05:16 1139200 ----a-w- c:\windows\system32\FntCache.dll 2011-02-19 06:42 . 2011-03-09 05:16 1544192 ----a-w- c:\windows\system32\DWrite.dll 2011-02-19 06:42 . 2011-03-09 05:16 902656 ----a-w- c:\windows\system32\d2d1.dll 2011-02-19 05:56 . 2011-03-09 05:16 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll 2011-02-19 05:56 . 2011-03-09 05:16 739840 ----a-w- c:\windows\SysWow64\d2d1.dll 2011-02-02 20:40 . 2010-05-09 05:16 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-02-02 17:11 . 2010-05-08 09:35 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-01-26 06:53 . 2011-02-09 07:04 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2011-01-26 06:53 . 2011-02-09 07:04 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2011-01-26 06:31 . 2011-02-09 07:04 144384 ----a-w- c:\windows\system32\cdd.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-04-18_10.08.49 ))))))))))))))))))))))))))))))))))))))))) . + 2010-01-04 23:10 . 2011-04-18 12:28 63912 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-04-18 12:28 41576 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-05-08 09:05 . 2011-04-18 12:28 14818 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2375226043-92542396-448410196-1001_UserData.bin + 2009-07-14 05:30 . 2011-04-18 10:31 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2011-04-18 09:43 86016 c:\windows\system32\DriverStore\infpub.dat + 2010-07-12 02:34 . 2010-07-12 02:34 57696 c:\windows\system32\DriverStore\FileRepository\avgfwfd6.inf_amd64_neutral_af63b8978046ec26\avgfwd6a.sys + 2010-07-12 02:34 . 2010-07-12 02:34 57696 c:\windows\system32\drivers\avgfwd6a.sys - 2010-05-08 11:00 . 2011-04-18 08:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-05-08 11:00 . 2011-04-18 10:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-05-08 11:00 . 2011-04-18 08:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-05-08 11:00 . 2011-04-18 10:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-04-18 08:05 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-04-18 10:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-04-18 07:59 . 2011-04-18 07:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-04-18 12:26 . 2011-04-18 12:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-04-18 12:26 . 2011-04-18 12:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-04-18 07:59 . 2011-04-18 07:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 05:30 . 2011-04-18 10:31 143360 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2011-04-18 09:43 143360 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2011-04-18 10:31 143360 c:\windows\system32\DriverStore\infstor.dat - 2009-07-14 05:30 . 2011-04-18 09:43 143360 c:\windows\system32\DriverStore\infstor.dat + 2011-03-21 08:24 . 2011-04-18 12:25 106736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2009-07-14 05:01 . 2011-04-18 07:59 525340 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2011-04-18 12:25 525340 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-12-19 22:37 . 2011-04-18 12:17 1337812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-12288.dat - 2010-12-19 22:37 . 2011-04-14 12:25 1337812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-12288.dat + 2010-07-23 12:08 . 2010-07-23 12:08 8544256 c:\windows\Installer\84d898.msi + 2011-04-18 10:39 . 2011-04-18 10:39 1956864 c:\windows\Installer\49218.msi + 2011-01-10 07:54 . 2011-01-10 07:54 4920832 c:\windows\Installer\2ecb1.msi - 2009-07-14 02:34 . 2011-04-18 08:09 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat + 2009-07-14 02:34 . 2011-04-18 10:48 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat + 2010-05-08 09:16 . 2011-04-18 12:25 11557980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-8192.dat - 2010-05-08 09:16 . 2011-04-15 20:40 11557980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-8192.dat + 2010-12-19 22:37 . 2011-04-18 10:26 13370884 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-4096.dat - 2010-12-19 22:37 . 2011-04-14 12:25 13370884 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-4096.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] 2010-06-23 00:26 194912 ------w- c:\program files (x86)\Yontoo Layers Client\YontooIEClient.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312] "IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2010-05-17 353736] "WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2009-12-30 1561232] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2010-06-24 247144] "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328] "NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632] "Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2009-12-30 523408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216] "Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" [2010-01-07 105632] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] "YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-08-20 136488] "YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-09-13 162912] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] . c:\users\Henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136] R2 TeamViewer6;TeamViewer 6;c:\users\Henk\AppData\Local\Temp\TeamViewer\Version6\TeamViewer_Service.exe [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x] R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x] R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x] R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . Inhoud van de 'Gedeelde Taken' map . 2011-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2375226043-92542396-448410196-1001Core.job - c:\users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 17:04] . 2011-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2375226043-92542396-448410196-1001UA.job - c:\users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 17:04] . 2011-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-14 610360] "PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728] "VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] . ------- Bijkomende Scan ------- . uStart Page = hxxp://nl.woofi.info uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://nl.woofi.info mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm FF - ProfilePath - c:\users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\oden2rca.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: keyword.URL - hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=JkNU7dey&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - user.js: keyword.URL - hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=JkNU7dey&q= . - - - - ORPHANS VERWIJDERD - - - - . URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) Toolbar-10 - (no file) WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.032" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.abr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ani" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.apd" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.arw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bay" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cr2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.crw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cs1" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cur" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dib" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djv" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djvu" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dng" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.emf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.eps" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.erf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fff" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fpx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.hdr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icl" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icn" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.iff" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ilbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.int" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.inta" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.iw4" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2c" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2k" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jbr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jfif" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jif" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jp2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpc" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001) @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpe" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001) @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpeg" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpk" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.kdc" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.lbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mef" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mos" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mrw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nef" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nrw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.orf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcd" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pct" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pef" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pgm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pic" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pict" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pix" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ppm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.psp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspbrush" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspimage" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ras" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgb" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgba" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rle" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rsb" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rw2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rwl" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sgi" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sr2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.srf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tga" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.thm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001) @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tiff" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttc" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30po" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30pp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30ppf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbmp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wmf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xif" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xmp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xpm" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-04-18 14:41:15 ComboFix-quarantined-files.txt 2011-04-18 12:41 ComboFix2.txt 2011-04-18 10:10 . Pre-Run: 221.668.036.608 bytes beschikbaar Post-Run: 221.005.131.776 bytes beschikbaar . - - End Of File - - 50F537B76F4655FFED44D799282B9B23
  4. henkver1905
    ComboFix 11-04-17.01 - Henk 18-04-2011 11:47:47.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4095.2475 [GMT 2:00] Gestart vanuit: c:\users\Henk\Downloads\ComboFix.exe AV: AVG Internet Security *Disabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82} FW: AVG Firewall *Disabled* {34A811A1-D438-CA83-C13E-A23981B1E8F9} SP: AVG Internet Security *Disabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ADS - Windows: deleted 48 bytes in 1 streams. . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\AutocompletePro c:\program files (x86)\AutocompletePro\FireFoxExtension.exe c:\program files (x86)\AutocompletePro\InstTracker.exe c:\program files (x86)\AutocompletePro\support@predictad.com\chrome.manifest c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\browserOverlay.xul c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.js c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\options.xul c:\program files (x86)\AutocompletePro\support@predictad.com\chrome\content\utils.js c:\program files (x86)\AutocompletePro\support@predictad.com\defaults\preferences\predictad.js c:\program files (x86)\AutocompletePro\support@predictad.com\install.rdf c:\program files (x86)\AutocompletePro\unins000.dat c:\program files (x86)\AutocompletePro\unins000.exe c:\program files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml c:\programdata\Tarma Installer c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico c:\users\Henk\AppData\Roaming\EurekaLog c:\users\Henk\AppData\Roaming\EurekaLog\logivert\logivert_HENK-PC.elf c:\users\Henk\AppData\Roaming\Henk3SQLite3.dll c:\users\Henk\AppData\Roaming\Henklog.dat c:\users\Henk\AppData\Roaming\inst.exe c:\users\Henk\AppData\Roaming\Microsoft\Windows\Recent\PinkBlossom.jpg c:\users\Henk\AppData\Roaming\Microsoft\Windows\Recent\Yvaine.jpg c:\users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\oden2rca.default\searchplugins\SearchquWebSearch.xml c:\users\Henk\AppData\Roaming\pcouffin.sys c:\windows\SysWow64\detoured.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-03-18 to 2011-04-18 )))))))))))))))))))))))))))))) . . 2011-04-18 10:08 . 2011-04-18 10:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-04-18 05:27 . 2011-04-18 05:27 -------- d-----w- c:\users\Henk\AppData\Local\{574CA78C-E64D-4462-85FC-5297C02A44C5} 2011-04-17 03:27 . 2011-04-17 15:27 -------- d-----w- c:\users\Henk\AppData\Local\{22969C1E-F79E-44C3-BBE5-CBC131F38041} 2011-04-16 03:26 . 2011-04-16 15:27 -------- d-----w- c:\users\Henk\AppData\Local\{75E63F3D-A448-4039-9AFF-7FB15C8E1133} 2011-04-16 03:24 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2F0FD13-43B4-414C-9AE0-3E291A75D4BB}\mpengine.dll 2011-04-15 08:52 . 2011-04-15 08:53 -------- d-----w- c:\users\Henk\AppData\Local\{E1FB9E2B-9A24-4F16-92CC-006E34D8605E} 2011-04-14 20:52 . 2011-04-14 20:52 -------- d-----w- c:\users\Henk\AppData\Local\{645F1EE2-1E25-4838-A505-BA48EC9D1004} 2011-04-14 17:47 . 2011-04-14 17:47 -------- d-----w- c:\program files (x86)\AMS Photo Effects 2011-04-14 09:58 . 2011-04-14 09:58 12872 ----a-w- c:\windows\system32\bootdelete.exe 2011-04-14 09:36 . 2011-04-14 12:30 19528 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2011-04-14 09:36 . 2011-04-14 09:36 -------- d-----w- c:\program files\Hitman Pro 3.5 2011-04-14 09:35 . 2011-04-14 09:58 -------- d-----w- c:\programdata\Hitman Pro 2011-04-14 09:27 . 2011-04-14 09:27 -------- d-----w- c:\users\Henk\AppData\Roaming\Malwarebytes 2011-04-14 09:27 . 2011-04-14 09:27 -------- d-----w- c:\programdata\Malwarebytes 2011-04-14 09:27 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-14 09:27 . 2011-04-14 13:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-04-14 09:27 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-14 08:52 . 2011-04-14 08:52 -------- d-----w- c:\users\Henk\AppData\Local\{29ECDB9E-DE2B-4CEE-AA18-A951A356024F} 2011-04-14 08:50 . 2011-04-14 08:50 -------- d-----w- c:\windows\nl 2011-04-14 08:48 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2011-04-14 08:47 . 2011-04-14 16:48 -------- d-----w- c:\program files (x86)\Microsoft 2011-04-14 08:45 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2011-04-14 08:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll 2011-04-14 08:45 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll 2011-04-14 08:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll 2011-04-14 08:44 . 2011-04-14 08:44 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\33adb1f81cbfa8007\InstallManager_WLE_WLE.exe 2011-04-14 08:44 . 2011-04-14 08:44 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2db1ee2b1cbfa8006\MeshBetaRemover.exe 2011-04-14 07:28 . 2011-04-14 07:47 -------- d-----w- c:\users\Henk\AppData\Local\BearShare 2011-04-14 07:28 . 2011-04-14 07:51 -------- d-----w- c:\program files (x86)\BearShare Applications 2011-04-14 07:21 . 2011-04-14 10:07 -------- d-----w- c:\users\Henk\AppData\Roaming\LimeWirePlus 2011-04-14 07:20 . 2011-04-14 07:25 -------- d-----w- c:\program files (x86)\LimeWire Plus 2011-04-14 05:09 . 2011-04-14 05:10 -------- d-----w- c:\users\Henk\AppData\Local\{0A378FF2-83B4-471D-B1F3-D2BD0DA02648} 2011-04-13 04:52 . 2011-04-13 16:53 -------- d-----w- c:\users\Henk\AppData\Local\{BD03C705-DE08-4928-A4E7-6C56BCA02963} 2011-04-12 04:51 . 2011-04-12 16:52 -------- d-----w- c:\users\Henk\AppData\Local\{F8E8B326-75A9-4421-BDA0-57C1557DEE64} 2011-04-11 16:43 . 2011-04-11 16:43 -------- d-----w- c:\users\Henk\AppData\Local\{732EB45C-4BA3-44B5-8CC7-BE9659844F88} 2011-04-11 13:18 . 2011-04-11 13:18 -------- d-----w- c:\windows\SpotmeV2.0.7 2011-04-11 04:42 . 2011-04-11 04:42 -------- d-----w- c:\users\Henk\AppData\Local\{2194F173-0AE8-40C0-9DF5-B680C129B542} 2011-04-10 04:41 . 2011-04-10 16:42 -------- d-----w- c:\users\Henk\AppData\Local\{53F563C5-AB63-4C42-A0C1-E6A32E48E9F3} 2011-04-09 04:40 . 2011-04-09 16:41 -------- d-----w- c:\users\Henk\AppData\Local\{DE67595E-CE71-4A9E-AD64-438F54F5BBA5} 2011-04-08 16:40 . 2011-04-08 16:40 -------- d-----w- c:\users\Henk\AppData\Local\{FBDB819C-1AA9-4201-9B09-D7218F298570} 2011-04-08 13:13 . 2011-04-08 13:16 -------- d-----w- c:\programdata\MyHeritage 2011-04-08 13:13 . 2011-04-08 13:14 -------- d-----w- c:\users\Henk\AppData\Roaming\MyHeritage 2011-04-08 13:13 . 2011-04-08 13:13 -------- d-----w- c:\users\Henk\AppData\Roaming\The Complete Genealogy Reporter - FTB 2011-04-08 13:13 . 2003-07-06 11:07 372736 ----a-w- c:\windows\SysWow64\ijl15.dll 2011-04-08 13:13 . 2002-03-06 22:19 454656 ----a-w- c:\windows\SysWow64\PaintX.dll 2011-04-08 13:13 . 1998-06-23 22:00 137000 ----a-w- c:\windows\SysWow64\msmapi32.ocx 2011-04-08 13:13 . 2011-04-08 13:13 -------- d-----w- c:\program files (x86)\MyHeritage 2011-04-08 04:39 . 2011-04-08 04:39 -------- d-----w- c:\users\Henk\AppData\Local\{5379A433-914B-4A28-8058-99E50019BA49} 2011-04-07 16:39 . 2011-04-07 16:39 -------- d-----w- c:\users\Henk\AppData\Local\{99803589-73DE-4206-820A-25075E1BA598} 2011-04-07 04:38 . 2011-04-07 04:38 -------- d-----w- c:\users\Henk\AppData\Local\{20706712-E0AF-44DA-BDC2-64CA565944D7} 2011-04-06 04:37 . 2011-04-06 16:38 -------- d-----w- c:\users\Henk\AppData\Local\{1DD4F919-438D-47DA-BBF1-DF12F6197723} 2011-04-05 16:36 . 2011-04-05 16:37 -------- d-----w- c:\users\Henk\AppData\Local\{4834F69C-59DE-4886-B739-B2E72847E3C3} 2011-04-05 04:36 . 2011-04-05 04:36 -------- d-----w- c:\users\Henk\AppData\Local\{0A61F791-9340-49EB-9241-59344C5EDA51} 2011-04-04 16:09 . 2011-04-04 16:10 -------- d-----w- c:\users\Henk\AppData\Local\{64C5C7C1-AB94-4060-8B2C-35C835157CB3} 2011-04-04 04:09 . 2011-04-04 04:09 -------- d-----w- c:\users\Henk\AppData\Local\{83506C72-5E9F-4357-864C-14B6DFEB4AE0} 2011-04-03 05:16 . 2011-04-03 05:16 -------- d-----w- c:\users\Henk\AppData\Local\{41180D81-7DC5-40AD-B586-DB2309372034} 2011-04-02 05:15 . 2011-04-02 17:15 -------- d-----w- c:\users\Henk\AppData\Local\{2A2CA6CC-1AA0-45FD-A1A3-474D74C39347} 2011-04-01 05:14 . 2011-04-01 17:14 -------- d-----w- c:\users\Henk\AppData\Local\{78450156-1544-46E7-BB98-9DBC9CA08B6D} 2011-03-31 05:12 . 2011-03-31 17:13 -------- d-----w- c:\users\Henk\AppData\Local\{803D255C-EBF6-43ED-BF17-3A45164D8408} 2011-03-28 19:53 . 2011-03-28 19:53 -------- d-----w- c:\users\Henk\AppData\Local\VanDale 2011-03-28 19:51 . 2011-03-30 10:46 -------- d-----w- c:\users\Henk\AppData\Roaming\Van Dale 2011-03-28 19:51 . 2011-03-30 10:46 -------- d-----w- c:\program files (x86)\Van Dale 2011-03-28 19:50 . 2011-03-28 19:50 -------- d-----w- c:\program files (x86)\Esdnow 2011-03-25 11:58 . 2011-03-25 11:58 -------- d-----w- c:\programdata\Nokia 2011-03-23 18:17 . 2010-09-06 09:26 189520 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-14 15:38 . 2011-03-14 15:38 357 ----a-w- c:\users\Henk\AppData\Local\GLF7726.tmp 2011-03-11 05:14 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-03 16:13 . 2011-03-03 16:13 385552 ----a-w- c:\windows\SysWow64\FTBSaver.scr 2011-02-24 10:38 . 2010-05-17 12:11 2516 --sha-w- c:\programdata\KGyGaAvL.sys 2011-02-19 06:43 . 2011-03-09 05:16 1139200 ----a-w- c:\windows\system32\FntCache.dll 2011-02-19 06:42 . 2011-03-09 05:16 1544192 ----a-w- c:\windows\system32\DWrite.dll 2011-02-19 06:42 . 2011-03-09 05:16 902656 ----a-w- c:\windows\system32\d2d1.dll 2011-02-19 05:56 . 2011-03-09 05:16 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll 2011-02-19 05:56 . 2011-03-09 05:16 739840 ----a-w- c:\windows\SysWow64\d2d1.dll 2011-02-02 20:40 . 2010-05-09 05:16 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-02-02 17:11 . 2010-05-08 09:35 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-01-26 06:53 . 2011-02-09 07:04 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2011-01-26 06:53 . 2011-02-09 07:04 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2011-01-26 06:31 . 2011-02-09 07:04 144384 ----a-w- c:\windows\system32\cdd.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] 2010-06-23 00:26 194912 ------w- c:\program files (x86)\Yontoo Layers Client\YontooIEClient.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312] "IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2010-05-17 353736] "WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2009-12-30 1561232] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2010-06-24 247144] "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328] "NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632] "Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2009-12-30 523408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-08 98304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216] "Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" [2010-01-07 105632] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224] "YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-08-20 136488] "YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-09-13 162912] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] . c:\users\Henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - AvgLdx64 . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . Inhoud van de 'Gedeelde Taken' map . 2011-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2375226043-92542396-448410196-1001Core.job - c:\users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 17:04] . 2011-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2375226043-92542396-448410196-1001UA.job - c:\users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 17:04] . 2011-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-14 610360] "PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728] "VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Bijkomende Scan ------- . uStart Page = hxxp://nl.woofi.info uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://nl.woofi.info mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm FF - ProfilePath - c:\users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\oden2rca.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776585&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/ FF - prefs.js: keyword.URL - hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=JkNU7dey&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - user.js: keyword.URL - hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=JkNU7dey&q= . . ------- Bestandsassociaties ------- . .txt= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) Toolbar-10 - (no file) Wow6432Node-HKCU-Run-NortonOnlineBackupReminder - c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe Wow6432Node-HKCU-Run-AutoStartNPSAgent - c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe Wow6432Node-HKCU-Run-WaitDialog - c:\users\Henk\AppData\Local\WaitDialog\WaitDialog.dll Wow6432Node-HKLM-Run-HP Remote Solution - %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe Wow6432Node-HKLM-Run-Corel File Shell Monitor - c:\program files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe Wow6432Node-HKLM-Run-NPSStartup - (no file) Toolbar-10 - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) AddRemove-Adobe Flash Player ActiveX - c:\windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe AddRemove-AutocompletePro3_is1 - c:\program files (x86)\AutocompletePro\unins000.exe AddRemove-Collectorz.com Book Collector - c:\users\Henk\AppData\Local\Temp\UNWISE.EXE AddRemove-Mio Technology SpeedCam Tool - c:\progra~2\MIOTEC~1\SPEEDC~1\Setup.exe AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.032" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.abr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ani" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.apd" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.arw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bay" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.bw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cr2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.crw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cs1" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.cur" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dcx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dib" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djv" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.djvu" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.dng" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.emf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.eps" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.erf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fff" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.fpx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.hdr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icl" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.icn" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.iff" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ilbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.int" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.inta" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.iw4" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2c" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.j2k" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jbr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jfif" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jif" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jp2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpc" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001) @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpe" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001) @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpeg" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpk" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.jpx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.kdc" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.lbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mef" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mos" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.mrw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nef" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.nrw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.orf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pbr" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcd" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pct" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pcx" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pef" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pgm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pic" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pict" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pix" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ppm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.psp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspbrush" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspimage" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ras" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raw" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgb" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgba" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rle" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rsb" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rw2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rwl" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sgi" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sr2" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.srf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tga" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.thm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001) @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tiff" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttc" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30po" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30pp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.v30ppf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbmp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wmf" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xbm" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xif" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xmp" . [HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xpm" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2011-04-18 12:10:23 ComboFix-quarantined-files.txt 2011-04-18 10:10 . Pre-Run: 213.978.058.752 bytes beschikbaar Post-Run: 225.296.900.096 bytes beschikbaar . - - End Of File - - 269AFE6F764A3CDAE26F66F1178B09B2
  5. henkver1905
    ik krijg de melding uminstall avg als ik combofix start
  6. henkver1905
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:10:57, on 17-4-2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Users\Henk\AppData\Local\Temp\TeamViewer\Version6\TeamViewer.exe C:\Windows\vVX1000.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\AVG\AVG8\avgtray.exe C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe C:\Program Files (x86)\Cyberlink\YouCam\YouCamTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\totalcmd\TOTALCMD.EXE C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSee12.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\MONKEY_BUSINESS\alt.binaries.boneless\Anti virus Anti Spyware etc post met veel cleaning tools\Cleaning\Cleaning\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe O4 - HKLM\..\Run: [standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [setup] C:\Users\Henk\Downloads\Webshop Shop Factory Gold v7.5.6\setup.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKCU\..\Run: [incrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WaitDialog] regsvr32 /s /u "C:\Users\Henk\AppData\Local\WaitDialog\WaitDialog.dll" O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKCU\..\Run: [Google Update] "C:\Users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe -update plugin O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Henk\AppData\LocalLow\Microñoft\redir.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgfws8.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Users\Henk\AppData\Local\Temp\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 16996 bytes en de malware bites file Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Databaseversie: 6361 Windows 6.1.7600 Internet Explorer 9.0.8112.16421 17-4-2011 21:21:45 mbam-log-2011-04-17 (21-21-45).txt Scantype: Snelle scan Objecten gescand: 195640 Verstreken tijd: 9 minuut/minuten, 11 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  7. henkver1905
    ik heb het geprobeerd maar kan een paar niet verwijderen
  8. henkver1905
    Kan iemand hier even naar kijken word iedere keer van Live messagner gegooid als iemand online komt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:40:00, on 14-4-2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Users\Henk\AppData\Local\Temp\TeamViewer\Version6\TeamViewer.exe C:\Windows\vVX1000.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\AVG\AVG8\avgtray.exe C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe C:\Program Files (x86)\Cyberlink\YouCam\YouCamTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE C:\totalcmd\TOTALCMD.EXE C:\Program Files (x86)\WebcamMax\WebcamMax.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Opera\opera.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Henk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\MONKEY_BUSINESS\alt.binaries.boneless\Anti virus Anti Spyware etc post met veel cleaning tools\Cleaning\Cleaning\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - *{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file) R3 - URLSearchHook: (no name) - *{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\ToolBar\searchqudtx.dll (file missing) O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files (x86)\Get Styles\enlbrdr.dll O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\ToolBar\searchqudtx.dll (file missing) O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe O4 - HKLM\..\Run: [standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [setup] C:\Users\Henk\Downloads\Webshop Shop Factory Gold v7.5.6\setup.exe O4 - HKLM\..\Run: [Norton] c:\windows\system\Norton.exe O4 - HKLM\..\Run: [rundll] c:\windows\rundll.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKCU\..\Run: [incrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [WaitDialog] regsvr32 /s /u "C:\Users\Henk\AppData\Local\WaitDialog\WaitDialog.dll" O4 - HKCU\..\Run: [mnumsg.exe] C:\Program Files (x86)\MyShoppingGenie\mnumsg.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKCU\..\Run: [HKCU] C:\Users\Henk\AppData\Roaming\winupd\winup.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup O4 - HKCU\..\RunOnce: [!BearShareCR] RUNDLL32.EXE C:\Users\Henk\AppData\Local\Temp\INSTAL~1.DLL,_SetChromeAssets http://search.bearshare.com/,http://search.bearshare.com/web?src=crb&systemid=2&q={searchTerms},Web Search,b, O4 - HKCU\..\RunOnce: [!BearShareFF] RUNDLL32.EXE C:\Users\Henk\AppData\Local\Temp\INSTAL~1.DLL,_SetFFAssets Search Web Search,WebSearch,Search-results Web Search, O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Get Styles\ct.htm O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Get Styles\ct.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Henk\AppData\LocalLow\Microñoft\redir.dll O20 - AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgfws8.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Users\Henk\AppData\Local\Temp\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 19389 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.