
Log (2)



ComboFix 11-04-17.01 - Henk 18-04-2011 14:30:23.2.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4095.2678 [GMT 2:00]

Gestart vanuit: c:\users\Henk\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Henk\Desktop\CFScript.txt..txt

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\users\Henk\AppData\Local\GLF7726.tmp"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Hitman Pro

c:\programdata\Hitman Pro\Banner.bin

c:\programdata\Hitman Pro\HitmanPro.key

c:\programdata\Hitman Pro\HitmanPro.lic

c:\users\Henk\AppData\Local\{0A378FF2-83B4-471D-B1F3-D2BD0DA02648}

c:\users\Henk\AppData\Local\{0A61F791-9340-49EB-9241-59344C5EDA51}

c:\users\Henk\AppData\Local\{1DD4F919-438D-47DA-BBF1-DF12F6197723}

c:\users\Henk\AppData\Local\{20706712-E0AF-44DA-BDC2-64CA565944D7}

c:\users\Henk\AppData\Local\{2194F173-0AE8-40C0-9DF5-B680C129B542}

c:\users\Henk\AppData\Local\{22969C1E-F79E-44C3-BBE5-CBC131F38041}

c:\users\Henk\AppData\Local\{29ECDB9E-DE2B-4CEE-AA18-A951A356024F}

c:\users\Henk\AppData\Local\{2A2CA6CC-1AA0-45FD-A1A3-474D74C39347}

c:\users\Henk\AppData\Local\{41180D81-7DC5-40AD-B586-DB2309372034}

c:\users\Henk\AppData\Local\{4834F69C-59DE-4886-B739-B2E72847E3C3}

c:\users\Henk\AppData\Local\{5379A433-914B-4A28-8058-99E50019BA49}

c:\users\Henk\AppData\Local\{53F563C5-AB63-4C42-A0C1-E6A32E48E9F3}

c:\users\Henk\AppData\Local\{574CA78C-E64D-4462-85FC-5297C02A44C5}

c:\users\Henk\AppData\Local\{645F1EE2-1E25-4838-A505-BA48EC9D1004}

c:\users\Henk\AppData\Local\{64C5C7C1-AB94-4060-8B2C-35C835157CB3}

c:\users\Henk\AppData\Local\{732EB45C-4BA3-44B5-8CC7-BE9659844F88}

c:\users\Henk\AppData\Local\{75E63F3D-A448-4039-9AFF-7FB15C8E1133}

c:\users\Henk\AppData\Local\{78450156-1544-46E7-BB98-9DBC9CA08B6D}

c:\users\Henk\AppData\Local\{803D255C-EBF6-43ED-BF17-3A45164D8408}

c:\users\Henk\AppData\Local\{83506C72-5E9F-4357-864C-14B6DFEB4AE0}

c:\users\Henk\AppData\Local\{99803589-73DE-4206-820A-25075E1BA598}

c:\users\Henk\AppData\Local\{BD03C705-DE08-4928-A4E7-6C56BCA02963}

c:\users\Henk\AppData\Local\{DE67595E-CE71-4A9E-AD64-438F54F5BBA5}

c:\users\Henk\AppData\Local\{E1FB9E2B-9A24-4F16-92CC-006E34D8605E}

c:\users\Henk\AppData\Local\{F8E8B326-75A9-4421-BDA0-57C1557DEE64}

c:\users\Henk\AppData\Local\{FBDB819C-1AA9-4201-9B09-D7218F298570}

c:\users\Henk\AppData\Local\GLF7726.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-03-18 to 2011-04-18 ))))))))))))))))))))))))))))))

.

.

2011-04-18 12:39 . 2011-04-18 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-04-18 10:33 . 2011-04-18 10:33 -------- d-----w- c:\users\Henk\AppData\Roaming\AVG10

2011-04-18 10:32 . 2011-04-18 10:32 -------- d--h--w- c:\programdata\Common Files

2011-04-18 10:29 . 2011-04-18 12:25 -------- d-----w- c:\programdata\AVG10

2011-04-18 10:12 . 2011-04-18 10:24 -------- d-----w- c:\programdata\MFAData

2011-04-16 03:24 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2F0FD13-43B4-414C-9AE0-3E291A75D4BB}\mpengine.dll

2011-04-14 17:47 . 2011-04-14 17:47 -------- d-----w- c:\program files (x86)\AMS Photo Effects

2011-04-14 09:58 . 2011-04-14 09:58 12872 ----a-w- c:\windows\system32\bootdelete.exe

2011-04-14 09:36 . 2011-04-14 12:30 19528 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-04-14 09:36 . 2011-04-14 09:36 -------- d-----w- c:\program files\Hitman Pro 3.5

2011-04-14 09:27 . 2011-04-14 09:27 -------- d-----w- c:\users\Henk\AppData\Roaming\Malwarebytes

2011-04-14 09:27 . 2011-04-14 09:27 -------- d-----w- c:\programdata\Malwarebytes

2011-04-14 09:27 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-04-14 09:27 . 2011-04-14 13:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-04-14 09:27 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-04-14 08:50 . 2011-04-14 08:50 -------- d-----w- c:\windows\nl

2011-04-14 08:48 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2011-04-14 08:47 . 2011-04-14 16:48 -------- d-----w- c:\program files (x86)\Microsoft

2011-04-14 08:45 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-04-14 08:45 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll

2011-04-14 08:45 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll

2011-04-14 08:45 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll

2011-04-14 08:44 . 2011-04-14 08:44 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\33adb1f81cbfa8007\InstallManager_WLE_WLE.exe

2011-04-14 08:44 . 2011-04-14 08:44 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2db1ee2b1cbfa8006\MeshBetaRemover.exe

2011-04-14 07:28 . 2011-04-14 07:47 -------- d-----w- c:\users\Henk\AppData\Local\BearShare

2011-04-14 07:28 . 2011-04-14 07:51 -------- d-----w- c:\program files (x86)\BearShare Applications

2011-04-14 07:21 . 2011-04-14 10:07 -------- d-----w- c:\users\Henk\AppData\Roaming\LimeWirePlus

2011-04-14 07:20 . 2011-04-14 07:25 -------- d-----w- c:\program files (x86)\LimeWire Plus

2011-04-11 13:18 . 2011-04-11 13:18 -------- d-----w- c:\windows\SpotmeV2.0.7

2011-04-08 13:13 . 2011-04-08 13:16 -------- d-----w- c:\programdata\MyHeritage

2011-04-08 13:13 . 2011-04-08 13:14 -------- d-----w- c:\users\Henk\AppData\Roaming\MyHeritage

2011-04-08 13:13 . 2011-04-08 13:13 -------- d-----w- c:\users\Henk\AppData\Roaming\The Complete Genealogy Reporter - FTB

2011-04-08 13:13 . 2003-07-06 11:07 372736 ----a-w- c:\windows\SysWow64\ijl15.dll

2011-04-08 13:13 . 2002-03-06 22:19 454656 ----a-w- c:\windows\SysWow64\PaintX.dll

2011-04-08 13:13 . 1998-06-23 22:00 137000 ----a-w- c:\windows\SysWow64\msmapi32.ocx

2011-04-08 13:13 . 2011-04-08 13:13 -------- d-----w- c:\program files (x86)\MyHeritage

2011-03-28 19:53 . 2011-03-28 19:53 -------- d-----w- c:\users\Henk\AppData\Local\VanDale

2011-03-28 19:51 . 2011-03-30 10:46 -------- d-----w- c:\users\Henk\AppData\Roaming\Van Dale

2011-03-28 19:51 . 2011-03-30 10:46 -------- d-----w- c:\program files (x86)\Van Dale

2011-03-28 19:50 . 2011-03-28 19:50 -------- d-----w- c:\program files (x86)\Esdnow

2011-03-25 11:58 . 2011-03-25 11:58 -------- d-----w- c:\programdata\Nokia

2011-03-23 18:17 . 2010-09-06 09:26 189520 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-03-11 05:14 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-03-03 16:13 . 2011-03-03 16:13 385552 ----a-w- c:\windows\SysWow64\FTBSaver.scr

2011-02-24 10:38 . 2010-05-17 12:11 2516 --sha-w- c:\programdata\KGyGaAvL.sys

2011-02-19 06:43 . 2011-03-09 05:16 1139200 ----a-w- c:\windows\system32\FntCache.dll

2011-02-19 06:42 . 2011-03-09 05:16 1544192 ----a-w- c:\windows\system32\DWrite.dll

2011-02-19 06:42 . 2011-03-09 05:16 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-02-19 05:56 . 2011-03-09 05:16 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-02-19 05:56 . 2011-03-09 05:16 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-02-02 20:40 . 2010-05-09 05:16 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-02-02 17:11 . 2010-05-08 09:35 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-01-26 06:53 . 2011-02-09 07:04 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2011-01-26 06:53 . 2011-02-09 07:04 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-01-26 06:31 . 2011-02-09 07:04 144384 ----a-w- c:\windows\system32\cdd.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-04-18_10.08.49 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-01-04 23:10 . 2011-04-18 12:28 63912 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2011-04-18 12:28 41576 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-05-08 09:05 . 2011-04-18 12:28 14818 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2375226043-92542396-448410196-1001_UserData.bin

+ 2009-07-14 05:30 . 2011-04-18 10:31 86016 c:\windows\system32\DriverStore\infpub.dat

- 2009-07-14 05:30 . 2011-04-18 09:43 86016 c:\windows\system32\DriverStore\infpub.dat

+ 2010-07-12 02:34 . 2010-07-12 02:34 57696 c:\windows\system32\DriverStore\FileRepository\avgfwfd6.inf_amd64_neutral_af63b8978046ec26\avgfwd6a.sys

+ 2010-07-12 02:34 . 2010-07-12 02:34 57696 c:\windows\system32\drivers\avgfwd6a.sys

- 2010-05-08 11:00 . 2011-04-18 08:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-05-08 11:00 . 2011-04-18 10:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-05-08 11:00 . 2011-04-18 08:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-05-08 11:00 . 2011-04-18 10:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2011-04-18 08:05 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2011-04-18 10:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-04-18 07:59 . 2011-04-18 07:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-04-18 12:26 . 2011-04-18 12:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-04-18 12:26 . 2011-04-18 12:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2011-04-18 07:59 . 2011-04-18 07:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 05:30 . 2011-04-18 10:31 143360 c:\windows\system32\DriverStore\infstrng.dat

- 2009-07-14 05:30 . 2011-04-18 09:43 143360 c:\windows\system32\DriverStore\infstrng.dat

+ 2009-07-14 05:30 . 2011-04-18 10:31 143360 c:\windows\system32\DriverStore\infstor.dat

- 2009-07-14 05:30 . 2011-04-18 09:43 143360 c:\windows\system32\DriverStore\infstor.dat

+ 2011-03-21 08:24 . 2011-04-18 12:25 106736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2009-07-14 05:01 . 2011-04-18 07:59 525340 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2011-04-18 12:25 525340 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-12-19 22:37 . 2011-04-18 12:17 1337812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-12288.dat

- 2010-12-19 22:37 . 2011-04-14 12:25 1337812 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-12288.dat

+ 2010-07-23 12:08 . 2010-07-23 12:08 8544256 c:\windows\Installer\84d898.msi

+ 2011-04-18 10:39 . 2011-04-18 10:39 1956864 c:\windows\Installer\49218.msi

+ 2011-01-10 07:54 . 2011-01-10 07:54 4920832 c:\windows\Installer\2ecb1.msi

- 2009-07-14 02:34 . 2011-04-18 08:09 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2009-07-14 02:34 . 2011-04-18 10:48 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2010-05-08 09:16 . 2011-04-18 12:25 11557980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-8192.dat

- 2010-05-08 09:16 . 2011-04-15 20:40 11557980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-8192.dat

+ 2010-12-19 22:37 . 2011-04-18 10:26 13370884 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-4096.dat

- 2010-12-19 22:37 . 2011-04-14 12:25 13370884 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2375226043-92542396-448410196-1001-4096.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

2010-06-23 00:26 194912 ------w- c:\program files (x86)\Yontoo Layers Client\YontooIEClient.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]

"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312]

"IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2010-05-17 353736]

"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\WebcamMax.exe" [2009-12-30 1561232]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2010-06-24 247144]

"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]

"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]

"Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2009-12-30 523408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-08 98304]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]

"Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" [2010-01-07 105632]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]

"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2010-08-20 136488]

"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-09-13 162912]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

.

c:\users\Henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]

R2 TeamViewer6;TeamViewer 6;c:\users\Henk\AppData\Local\Temp\TeamViewer\Version6\TeamViewer_Service.exe [x]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]

R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]

R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]

R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]

R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]

R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

Inhoud van de 'Gedeelde Taken' map

.

2011-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2375226043-92542396-448410196-1001Core.job

- c:\users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 17:04]

.

2011-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2375226043-92542396-448410196-1001UA.job

- c:\users\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 17:04]

.

2011-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job

- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-14 610360]

"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]

"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://nl.woofi.info

uLocal Page = c:\windows\system32\blank.htm

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://nl.woofi.info

mLocal Page = c:\windows\SysWOW64\blank.htm

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

FF - ProfilePath - c:\users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\oden2rca.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: keyword.URL - hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=JkNU7dey&q=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - user.js: keyword.URL - hxxp://www.slaago.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=JkNU7dey&q=

.

- - - - ORPHANS VERWIJDERD - - - -

.

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Toolbar-10 - (no file)

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.032"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.abr"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.ani"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.apd"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.arw"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.bay"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.bw"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.cr2"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.crw"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.cs1"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.cur"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.dcr"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.dcx"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.dib"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.djv"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.djvu"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.dng"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.emf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.eps"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.erf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.fff"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.fpx"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.hdr"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.icl"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.icn"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.iff"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.ilbm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.int"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.inta"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.iw4"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.j2c"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.j2k"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jbr"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jfif"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jif"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jp2"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jpc"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]

@Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001)

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jpe"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]

@Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001)

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jpeg"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jpk"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.jpx"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.kdc"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.lbm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.mef"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.mos"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.mrw"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.nef"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.nrw"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.orf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pbm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pbr"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pcd"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pct"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pcx"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pef"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pgm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pic"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pict"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pix"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.ppm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.psp"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pspbrush"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.pspimage"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.raf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.ras"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.raw"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.rgb"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.rgba"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.rle"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.rsb"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.rw2"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.rwl"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.sgi"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.sr2"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.srf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.tga"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.thm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]

@Denied: (2) (S-1-5-21-2375226043-92542396-448410196-1001)

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.tiff"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.ttc"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.ttf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.v30po"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.v30pp"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.v30ppf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.wbm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.wbmp"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.wmf"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.xbm"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.xif"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.xmp"

.

[HKEY_USERS\S-1-5-21-2375226043-92542396-448410196-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Photo Manager 12.xpm"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-04-18 14:41:15

ComboFix-quarantined-files.txt 2011-04-18 12:41

ComboFix2.txt 2011-04-18 10:10

.

Pre-Run: 221.668.036.608 bytes beschikbaar

Post-Run: 221.005.131.776 bytes beschikbaar

.

- - End Of File - - 50F537B76F4655FFED44D799282B9B23


With the problems out of the way, it's time for the “big clean-up”: removing the programs we used, a cleaning, and deleting the infected restore points.

Remove ComboFix: Start -> Run/Search and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the CCleaner download will start automatically and free of charge.

Install it and start CCleaner. In the left-hand column click “Cleaner”. Click ‘Analyze’ and then ‘Clean’. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, in the left-hand column click “Registry” and click “Scan for Issues”. If errors are found, click “Fix selected issues” and “OK”. You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix All Selected Issues”. After this, close CCleaner again.

If you would like to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you could end up restoring) by temporarily turning off System Restore. Do this

  • via Start -> Control Panel -> System -> System Protection -> now turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to delete all restore points.
  • Click "Apply" and "OK".
  • Now restart the PC.

That's it!
